Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
thor larholm vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0116
Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote malicious users to read files on the local system via a web page containing script that creates a dialog and then accesses the ta...
Microsoft Ie 6.0
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 6.0
NA
CVE-2008-5432
Cross-site scripting (XSS) vulnerability in Moodle prior to 1.6.8, 1.7 prior to 1.7.6, 1.8 prior to 1.8.7, and 1.9 prior to 1.9.3 allows remote malicious users to inject arbitrary web script or HTML via a Wiki page name (aka page title).
Moodle Moodle 1.5.2
Moodle Moodle 1.9.1
Moodle Moodle 1.6.1
Moodle Moodle 1.8.2
Moodle Moodle 1.2.1
Moodle Moodle 1.4.2
Moodle Moodle 1.6.5
Moodle Moodle 1.3.3
Moodle Moodle 1.4.3
Moodle Moodle 1.4.5
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.3.2
Moodle Moodle 1.6.4
Moodle Moodle 1.1.1
Moodle Moodle 1.3.1
Moodle Moodle 1.4.4
Moodle Moodle 1.7.3
NA
CVE-2008-5153
spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file.
Moodle Moodle 1.8.2
NA
CVE-2008-5619
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer prior to 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote malicious users to execute arbitrary code via crafted input that is processed by the ...
Roundcube Webmail 0.2.1
Roundcube Webmail 0.2.3
2 EDB exploits
NA
CVE-2007-3215
PHPMailer 1.7, when configured to use sendmail, allows remote malicious users to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php.
Phpmailer Phpmailer 1.7
Phpmailer Phpmailer 1.73
Phpmailer Phpmailer 1.7.2
Phpmailer Phpmailer 1.7.1
Phpmailer Phpmailer 1.7.3
NA
CVE-2008-6124
SQL injection vulnerability in the hotpot_delete_selected_attempts function in report.php in the HotPot module in Moodle 1.6 prior to 1.6.7, 1.7 prior to 1.7.5, 1.8 prior to 1.8.6, and 1.9 prior to 1.9.2 allows remote malicious users to execute arbitrary SQL commands via a crafte...
Moodle Moodle
Debian Debian Linux 4.0
NA
CVE-2008-4796
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and previous versions, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote malicious users to execute arbitrary commands vi...
Snoopy Project Snoopy
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Nagios Nagios
Wordpress Wordpress
NA
CVE-2008-4810
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 before r2797 allows remote malicious users to execute arbitrary PHP code via vectors related to templates and (1) a dollar-sign character, aka "php executed in templates;" and (2) a doub...
Smarty Smarty 1.4.3
Smarty Smarty 1.0
Smarty Smarty 1.0b
Smarty Smarty 2.3.1
Smarty Smarty 2.6.0
Smarty Smarty 1.4.0
Smarty Smarty 1.4.5
Smarty Smarty 2.6.1
Smarty Smarty 2.6.7
Smarty Smarty 2.3.0
Smarty Smarty 1.0a
Smarty Smarty 1.1.0
Smarty Smarty 2.6.15
Smarty Smarty 2.6.3
Smarty Smarty 2.6.14
Smarty Smarty 2.5.0
Smarty Smarty 1.2.1
Smarty Smarty 2.6.17
Smarty Smarty 2.6.11
Smarty Smarty 1.3.0
Smarty Smarty 1.4.1
Smarty Smarty 2.0.1
NA
CVE-2008-4811
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 r2797 and previous versions allows remote malicious users to execute arbitrary PHP code via vectors related to templates and a \ (backslash) before a dollar-sign character.
Smarty Smarty 1.4.3
Smarty Smarty 1.0
Smarty Smarty 1.0b
Smarty Smarty 2.3.1
Smarty Smarty 2.6.0
Smarty Smarty 1.4.0
Smarty Smarty 1.4.5
Smarty Smarty 2.6.1
Smarty Smarty 2.6.7
Smarty Smarty 2.3.0
Smarty Smarty 1.0a
Smarty Smarty 1.1.0
Smarty Smarty 2.6.15
Smarty Smarty 2.6.3
Smarty Smarty 2.6.14
Smarty Smarty 2.5.0
Smarty Smarty 1.2.1
Smarty Smarty 2.6.17
Smarty Smarty 2.6.11
Smarty Smarty 1.3.0
Smarty Smarty 1.4.1
Smarty Smarty 2.0.1
NA
CVE-2009-0499
Cross-site request forgery (CSRF) vulnerability in the forum code in Moodle 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4 allows remote malicious users to delete unauthorized forum posts via a link or IMG tag to post.php.
Moodle Moodle 1.9.1
Moodle Moodle 1.8.2
Moodle Moodle 1.7.6
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.7.3
Moodle Moodle 1.7.2
Moodle Moodle 1.7.5
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
Moodle Moodle 1.7.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »