Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mustlive vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-7233
Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that move comments to the moderation l...
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.9
Wordpress Wordpress 2.0.10
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.0.8
1 EDB exploit
NA
CVE-2014-9094
Multiple cross-site scripting (XSS) vulnerabilities in deploy/designer/preview.php in the Digital Zoom Studio (DZS) Video Gallery plugin for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) swfloc or (2) designrand parameter.
Digitalzoomstudio Video Gallery -
1 EDB exploit
NA
CVE-2008-0207
Multiple cross-site scripting (XSS) vulnerabilities in PRO-Search 0.17 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) prot, (2) host, (3) path, (4) name, (5) ext, (6) size, (7) search_days, or (8) show_page parameter to the d...
Pro Search Pro Search
1 EDB exploit
NA
CVE-2008-2562
SQL injection vulnerability in edCss.php in PowerPhlogger 2.2.5 and previous versions allows remote authenticated users to execute arbitrary SQL commands via the css_str parameter in an edit action.
Powerphlogger Powerphlogger 2.0.9
Powerphlogger Powerphlogger 2.2.1
Powerphlogger Powerphlogger 2.2.2a
Powerphlogger Powerphlogger
1 EDB exploit
NA
CVE-2012-1787
Multiple cross-site scripting (XSS) vulnerabilities in wgarcmin.cgi in Webglimpse 2.20.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) URL, (2) FILE, or (3) DOMAIN parameters.
Webglimpse Webglimpse 2.17.1
Webglimpse Webglimpse 2.17.0
Webglimpse Webglimpse 2.14.9
Webglimpse Webglimpse 2.14.8
Webglimpse Webglimpse 2.13.2
Webglimpse Webglimpse 2.13.1
Webglimpse Webglimpse 2.10.1
Webglimpse Webglimpse 2.8.1
Webglimpse Webglimpse 2.6.2
Webglimpse Webglimpse 2.5.4
Webglimpse Webglimpse 2.2.0
Webglimpse Webglimpse
Webglimpse Webglimpse 2.18.8
Webglimpse Webglimpse 2.16.4
Webglimpse Webglimpse 2.16.3
Webglimpse Webglimpse 2.14.7
Webglimpse Webglimpse 2.14.6
Webglimpse Webglimpse 2.13.0
Webglimpse Webglimpse 2.12.2
Webglimpse Webglimpse 2.8.0
Webglimpse Webglimpse 2.7.8
Webglimpse Webglimpse 2.5.1
1 EDB exploit
NA
CVE-2007-3555
Cross-site scripting (XSS) vulnerability in index.php in Moodle 1.7.1 allows remote malicious users to inject arbitrary web script or HTML via a style expression in the search parameter, a different vulnerability than CVE-2004-1424.
Moodle Moodle 1.7.1
1 EDB exploit
NA
CVE-2013-1808
Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and ZeroClipboard10.swf in ZeroClipboard prior to 1.0.8, as used in em-shorty, RepRapCalculator, Fulcrum, Django, aCMS, and other products, allows remote malicious users to inject arbitrary web script or HTML via the i...
Zeroclipboard Project Zeroclipboard
Zeroclipboard Project Zeroclipboard 1.0.5
NA
CVE-2009-2350
Microsoft Internet Explorer 6.0.2900.2180 and previous versions does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) spe...
Microsoft Internet Explorer 6
1 EDB exploit
NA
CVE-2009-2352
Google Chrome 1.0.154.48 and previous versions does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the conte...
Google Chrome 1.0.154.36
Google Chrome 0.4.154.33
Google Chrome 0.2.152.1
Google Chrome 0.2.149.30
Google Chrome 1.0.154.42
Google Chrome 1.0.154.39
Google Chrome 0.3.154.0
Google Chrome 0.2.153.1
Google Chrome 1.0.154.43
Google Chrome 0.4.154.18
Google Chrome 0.3.154.3
Google Chrome 1.0.154.46
Google Chrome 0.4.154.31
Google Chrome 0.4.154.22
Google Chrome 0.2.149.29
Google Chrome
1 EDB exploit
NA
CVE-2007-3485
Multiple cross-site scripting (XSS) vulnerabilities in Yandex.Server allow remote malicious users to inject arbitrary web script or HTML via the (1) query or (2) within parameter to the default URI.
Yandex Yandex.server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »