Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
loneferret vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-3791
Multiple SQL injection vulnerabilities in Simple Web Content Management System 1.1 allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) item_delete.php, (2) item_status.php, (3) item_detail.php, (4) item_modify.php, or (5) item_position.php i...
Cms-center Simple Web Content Management System 1.1
1 EDB exploit
NA
CVE-2012-2571
Multiple cross-site scripting (XSS) vulnerabilities in WinWebMail Server 3.8.1.6 allow remote malicious users to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS exp...
Winwebmail Winwebmail Server 3.8.1.6
1 EDB exploit
NA
CVE-2012-2925
SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 allows remote malicious users to execute arbitrary SQL commands via the priority parameter in an addTodo action.
Simple Php Agenda Simple Php Agenda 2.2.8
1 EDB exploit
NA
CVE-2012-2582
Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) Help Desk 2.4.x prior to 2.4.13, 3.0.x prior to 3.0.15, and 3.1.x prior to 3.1.9, and OTRS ITSM 2.1.x prior to 2.1.5, 3.0.x prior to 3.0.6, and 3.1.x prior to 3.1.6, allow remote malicious us...
Otrs Otrs 2.4.0
Otrs Otrs 2.4.9
Otrs Otrs 2.4.4
Otrs Otrs 2.4.3
Otrs Otrs 2.4.2
Otrs Otrs 2.4.10
Otrs Otrs 2.4.6
Otrs Otrs 2.4.5
Otrs Otrs 2.4.11
Otrs Otrs 2.4.1
Otrs Otrs 2.4.8
Otrs Otrs 2.4.7
Otrs Otrs 2.4.12
Otrs Otrs 3.0.0
Otrs Otrs 3.0.3
Otrs Otrs 3.0.2
Otrs Otrs 3.0.11
Otrs Otrs 3.0.12
Otrs Otrs 3.0.4
Otrs Otrs 3.0.7
Otrs Otrs 3.0.6
Otrs Otrs 3.0.10
1 EDB exploit
NA
CVE-2012-2572
Cross-site scripting (XSS) vulnerability in the ThreeWP Email Reflector plugin prior to 1.16 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the Subject of an email.
Mindreantre Threewp Email Reflector 1.12
Mindreantre Threewp Email Reflector 1.11
Mindreantre Threewp Email Reflector 1.4
Mindreantre Threewp Email Reflector 1.3
Mindreantre Threewp Email Reflector 1.10
Mindreantre Threewp Email Reflector 1.9
Mindreantre Threewp Email Reflector 1.2
Mindreantre Threewp Email Reflector 1.1
Mindreantre Threewp Email Reflector
Mindreantre Threewp Email Reflector 1.8
Mindreantre Threewp Email Reflector 1.7
Mindreantre Threewp Email Reflector 1.0
Mindreantre Threewp Email Reflector 1.14
Mindreantre Threewp Email Reflector 1.13
Mindreantre Threewp Email Reflector 1.6
Mindreantre Threewp Email Reflector 1.5
1 EDB exploit
NA
CVE-2012-2575
Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 6.0a4 allows remote malicious users to inject arbitrary web script or HTML via the SRC attribute of an IFRAME element in the body of an HTML e-mail message.
Netwin Surgemail 6.0
1 EDB exploit
NA
CVE-2012-2578
Multiple cross-site scripting (XSS) vulnerabilities in SmarterMail 9.2 allow remote malicious users to inject arbitrary web script or HTML via an e-mail message body with (1) a JavaScript alert function used in conjunction with the fromCharCode method, (2) a SCRIPT element, (3) a...
Smartertools Smartermail 9.2
1 EDB exploit
NA
CVE-2012-2579
Multiple cross-site scripting (XSS) vulnerabilities in the WP SimpleMail plugin 1.0.6 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) To, (2) From, (3) Date, or (4) Subject field of an email.
Wp Simplemail Project Wp Simplemail 1.0.6
1 EDB exploit
NA
CVE-2012-2580
Cross-site scripting (XSS) vulnerability in the Postie plugin 1.4.3, and possibly prior to 1.5.15, for WordPress allows remote malicious users to inject arbitrary web script or HTML via the From field of an email.
Postieplugin Postie
Postieplugin Postie 1.4.3
1 EDB exploit
NA
CVE-2012-2583
Cross-site scripting (XSS) vulnerability in Mini Mail Dashboard Widget plugin 1.42 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the body of an email.
Mini Mail Dashboard Widget Project Mini Mail Dashboard Widget 1.42
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »