Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
takeshi terada vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-8476
Multiple CRLF injection vulnerabilities in PHPMailer prior to 5.2.14 allow malicious users to inject arbitrary SMTP commands via CRLF sequences in an (1) email address to the validateAddress function in class.phpmailer.php or (2) SMTP command to the sendCommand function in class....
Debian Debian Linux 6.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Phpmailer Project Phpmailer
NA
CVE-2013-2248
Multiple open redirect vulnerabilities in Apache Struts 2.0.0 up to and including 2.3.15 allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a parameter using the (1) redirect: or (2) redirectAction: prefix.
Apache Struts 2.0.11.2
Apache Struts 2.0.11.1
Apache Struts 2.3.14.3
Apache Struts 2.1.4
Apache Struts 2.2.1
Apache Struts 2.1.1
Apache Struts 2.1.0
Apache Struts 2.3.1.1
Apache Struts 2.0.0
Apache Struts 2.3.8
Apache Struts 2.0.11
Apache Struts 2.0.9
Apache Struts 2.0.6
Apache Struts 2.1.5
Apache Struts 2.0.12
Apache Struts 2.1.6
Apache Struts 2.0.4
Apache Struts 2.0.7
Apache Struts 2.0.10
Apache Struts 2.0.5
Apache Struts 2.3.4.1
Apache Struts 2.3.7
1 EDB exploit
NA
CVE-2013-1727
Mozilla Firefox prior to 24.0 on Android allows malicious users to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file.
Mozilla Firefox 19.0
Mozilla Firefox 22.0
Mozilla Firefox 20.0
Mozilla Firefox
Mozilla Firefox 19.0.2
Mozilla Firefox 19.0.1
Mozilla Firefox 23.0
Mozilla Firefox 21.0
Mozilla Firefox 20.0.1
1 EDB exploit
NA
CVE-2012-4907
Google Chrome prior to 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote malicious users to have an unspecified impact via a crafted web page.
Google Chrome
NA
CVE-2012-4905
Cross-site scripting (XSS) vulnerability in Google Chrome prior to 18.0.1025308 on Android allows remote malicious users to inject arbitrary web script or HTML via an extra in an Intent object, aka "Universal XSS (UXSS)."
Google Chrome
1 EDB exploit
NA
CVE-2012-4906
Google Chrome prior to 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote malicious users to obtain sensitive information via unspecified vectors, as demonstrated by obtaining credential data, a different vulnerability than CVE-2012-4903.
Google Chrome
1 EDB exploit
NA
CVE-2012-4909
Google Chrome prior to 18.0.1025308 on Android allows remote malicious users to obtain cookie information via a crafted application.
Google Chrome
1 EDB exploit
NA
CVE-2012-4908
Google Chrome prior to 18.0.1025308 on Android allows remote malicious users to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink.
Google Chrome
1 EDB exploit
NA
CVE-2013-2251
Apache Struts 2.0.0 up to and including 2.3.15 allows remote malicious users to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
Apache Struts 2.2.3.1
Apache Struts 2.3.4
Apache Struts 2.3.14.1
Apache Struts 2.0.8
Apache Struts 2.1.2
Apache Struts 2.0.14
Apache Struts 2.1.8.1
Apache Struts 2.2.1.1
Apache Struts 2.0.1
Apache Struts 2.0.3
Apache Struts 2.3.12
Apache Struts 2.3.1.2
Apache Struts 2.0.11.1
Apache Struts 2.3.14.3
Apache Struts 2.3.15
Apache Struts 2.2.1
Apache Struts 2.1.3
Apache Struts 2.1.0
Apache Struts 2.1.8
Apache Struts 2.0.0
Apache Struts 2.3.1
Apache Struts 2.3.7
1 EDB exploit
4 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started