Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elar lang vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2016-10008
SQL injection vulnerability in the "Content Types > Content Types" screen in dotCMS prior to 3.7.2 and 4.x prior to 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_STRUCTURE_direction parameter.
Dotcms Dotcms
4
CVSSv2
CVE-2018-18809
The default server implementation of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperRepo...
Tibco Jasperreports Server 6.4.0
Tibco Jasperreports Library 6.4.1
Tibco Jasperreports Server 6.4.2
Tibco Jasperreports Library 6.4.2
Tibco Jasperreports Server
Tibco Jasperreports Server 6.4.1
Tibco Jasperreports Server 6.4.3
Tibco Jasperreports Server 7.1.0
Tibco Jasperreports Server 6.3.4
Tibco Jasperreports Library
Tibco Jasperreports Library 6.3.4
Tibco Jasperreports Library 6.4.21
Tibco Jasperreports Library 7.1.0
Tibco Jasperreports Library 7.2.0
Tibco Jaspersoft Reporting And Analytics
Tibco Jaspersoft
7.5
CVSSv2
CVE-2016-8902
SQL injection vulnerability in the categoriesServlet servlet in dotCMS prior to 3.3.1 allows remote not authenticated malicious users to execute arbitrary SQL commands via the sort parameter.
Dotcms Dotcms
6.5
CVSSv2
CVE-2016-8905
SQL injection vulnerability in the JSONTags servlet in dotCMS prior to 3.3.1 allows remote authenticated malicious users to execute arbitrary SQL commands via the sort parameter.
Dotcms Dotcms
6.5
CVSSv2
CVE-2016-8906
SQL injection vulnerability in the "Site Browser > Links pages" screen in dotCMS prior to 3.3.1 allows remote authenticated malicious users to execute arbitrary SQL commands via the orderby parameter.
Dotcms Dotcms
6.5
CVSSv2
CVE-2016-8907
SQL injection vulnerability in the "Content Types > Content Types" screen in dotCMS prior to 3.3.1 allows remote authenticated malicious users to execute arbitrary SQL commands via the orderby parameter.
Dotcms Dotcms
6.5
CVSSv2
CVE-2016-8908
SQL injection vulnerability in the "Site Browser > HTML pages" screen in dotCMS prior to 3.3.1 allows remote authenticated malicious users to execute arbitrary SQL commands via the orderby parameter.
Dotcms Dotcms
6.5
CVSSv2
CVE-2016-8903
SQL injection vulnerability in the "Site Browser > Templates pages" screen in dotCMS prior to 3.3.1 allows remote authenticated malicious users to execute arbitrary SQL commands via the orderby parameter.
Dotcms Dotcms
6.5
CVSSv2
CVE-2016-8904
SQL injection vulnerability in the "Site Browser > Containers pages" screen in dotCMS prior to 3.3.1 allows remote authenticated malicious users to execute arbitrary SQL commands via the orderby parameter.
Dotcms Dotcms
6.5
CVSSv2
CVE-2016-10007
SQL injection vulnerability in the "Marketing > Forms" screen in dotCMS prior to 3.7.2 and 4.x prior to 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_FORM_HANDLER_orderBy parameter.
Dotcms Dotcms
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »