Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arora vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2010-1100
Integer overflow in Arora allows remote malicious users to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25.
Arora-browser Arora
445
VMScore
CVE-2011-3367
Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote malicious users to spoof the common name (CN) of a certificate via rich text.
Arora-browser Arora 0.11.0
NA
CVE-2023-24386
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Karishma Arora AI Contact Us Form plugin <= 1.0 versions.
Ai Contact Us Form Project Ai Contact Us Form
NA
CVE-2023-34027
Deserialization of Untrusted Data vulnerability in Rajnish Arora Recently Viewed Products.This issue affects Recently Viewed Products: from n/a up to and including 1.0.0.
Rajarora795 Recently Viewed Products
383
VMScore
CVE-2021-3186
A Stored Cross-site scripting (XSS) vulnerability in /main.html Wifi Settings in Tenda AC5 AC1200 version V15.03.06.47_multi allows remote malicious users to inject arbitrary web script or HTML via the Wifi Name parameter.
Tenda Ac1200 Firmware 15.03.06.47 Multi
935
VMScore
CVE-2010-3146
Multiple untrusted search path vulnerabilities in Microsoft Groove 2007 SP2 allow local users to gain privileges via a Trojan horse (1) mso.dll or (2) GroovePerfmon.dll file in the current working directory, as demonstrated by a directory that contains a Groove vCard (.vcg) or Gr...
Microsoft Groove 2007
1 EDB exploit
505
VMScore
CVE-2008-4741
Directory traversal vulnerability in index.php in FAR-PHP 1.00, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the c parameter.
Far-php Far-php 1.00
1 EDB exploit
755
VMScore
CVE-2008-6266
SQL injection vulnerability in links.php in Appalachian State University phpWebSite allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a viewlink action.
Appstate Phpwebsite 0.9.3-3
Appstate Phpwebsite 0.9.3-2
Appstate Phpwebsite 0.9.3-4
Appstate Phpwebsite 0.9.3-1
Appstate Phpwebsite 0.9.3
Appstate Phpwebsite 0.8.3
Appstate Phpwebsite 0.8.2
Appstate Phpwebsite 0.7.3
1 EDB exploit
755
VMScore
CVE-2008-6213
SQL injection vulnerability in mypage.php in Harlandscripts Pro Traffic One allows remote malicious users to execute arbitrary SQL commands via the trg parameter.
Harlandscripts Pro Traffic One -
1 EDB exploit
435
VMScore
CVE-2007-6455
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Mambo 4.6.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) Itemid parameter in a com_frontpage option and the (2) option parameter.
Mambo Mambo 4.6.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »