Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ivan sanchez vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1621
Multiple cross-site scripting (XSS) vulnerabilities in GeeCarts allow remote malicious users to inject arbitrary web script or HTML via the id parameter to (1) show.php, (2) search.php, and (3) view.php. NOTE: the provenance of this information is unknown; the details are obtaine...
Geertsen Holdings Inc Geecarts
3 EDB exploits
NA
CVE-2008-2783
Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware, Groupware Webmail Edition, and Kronolith allow remote malicious users to inject arbitrary web script or HTML via the timestamp parameter to (1) week.php, (2) workweek.php, and (3) day.php; and (4) the horde p...
Horde Kronolith
Horde Groupware
Horde Groupware Webmail Edition
3 EDB exploits
NA
CVE-2007-5290
Multiple cross-site scripting (XSS) vulnerabilities in MailBee WebMail Pro 3.4 and previous versions; and possibly MailBee WebMail Pro ASP prior to 3.4.64, WebMail Lite ASP prior to 4.0.11, and WebMail Lite PHP prior to 4.0.22; allow remote malicious users to inject arbitrary web...
Afterlogic Mailbee Webmail
Afterlogic Mailbee Webmail 3.2
Afterlogic Mailbee Webmail 3.3
Afterlogic Mailbee Webmail 3.4
Afterlogic Mailbee Webmail 3.1
2 EDB exploits
NA
CVE-2009-3152
Multiple cross-site scripting (XSS) vulnerabilities in becommunity/community/index.php in NTSOFT BBS E-Market Professional allow remote malicious users to inject arbitrary web script or HTML via the (1) page, (2) bt_code, and (3) b_no parameters in a board view action.
Nt Bbs E-market
1 EDB exploit
NA
CVE-2008-6615
SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 allows remote malicious users to execute arbitrary SQL commands via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solel...
Zen-cart Zen Cart 2008
1 EDB exploit
NA
CVE-2007-5952
Cross-site scripting (XSS) vulnerability in admin/index.php in Helios Calendar 1.2.1 Beta allows remote malicious users to inject arbitrary web script or HTML via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from thi...
Helioscalendar Helios Calendar 1.2.1 Beta
1 EDB exploit
NA
CVE-2008-6616
Cross-site scripting (XSS) vulnerability in index.php in Zen Software Zen Cart 2008 allows remote malicious users to inject arbitrary web script or HTML via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details ...
Zen-cart Zen Cart 2008
1 EDB exploit
NA
CVE-2007-5647
Multiple cross-site scripting (XSS) vulnerabilities in SocketKB 1.1.5 allow remote malicious users to inject arbitrary web script or HTML via the (1) art_id or (2) node parameter in an article action to the default URI.
Socketkb Socketkb 1.1.5
1 EDB exploit
NA
CVE-2007-5649
Cross-site scripting (XSS) vulnerability in lostpwd.php in Creative Digital Resources SocketMail 2.2.1 allows remote malicious users to inject arbitrary web script or HTML via the lost_id parameter.
Socketmail Socketmail 2.2.1
1 EDB exploit
NA
CVE-2008-3956
orgchart.exe in Microsoft Organization Chart 2.00 allows user-assisted malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .opx file.
Microsoft Organization Chart 2.00
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »