Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sub vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-38321
The Custom Menu Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the selected_menu parameter found in the ~/custom-menus.php file which allows malicious users to inject arbitrary web scripts, in versions up to and including 1.3.3.
Custom-sub-menus Project Custom-sub-menus
5
CVSSv2
CVE-2021-1624
A vulnerability in the Rate Limiting Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause high CPU utilization in the Cisco QuantumFlow Processor of an affected device, resulting in a denial of service (...
Cisco Ios Xe
7.5
CVSSv2
CVE-2008-5190
SQL injection vulnerability in index.php in eSHOP100 allows remote malicious users to execute arbitrary SQL commands via the SUB parameter.
Eshop100 Eshop100 Nil
1 EDB exploit
5
CVSSv2
CVE-2008-0479
Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz NewsPad 1.02 allows remote malicious users to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter.
Web Wiz Newspad 1.02
1 EDB exploit
5
CVSSv2
CVE-2008-0480
Multiple directory traversal vulnerabilities in Web Wiz Forums 9.07 and previous versions allow remote malicious users to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter to (1) RTE_file_browser.asp or (2) file_browser.asp.
Web Wiz Web Wiz Forums
1 EDB exploit
5
CVSSv2
CVE-2008-0466
Web Wiz RTE_file_browser.asp in, as used in Web Wiz Rich Text Editor 4.0, Web Wiz Forums 9.07, and Web Wiz Newspad 1.02, does not require authentication, which allows remote malicious users to list directories and read files. NOTE: this can be leveraged for listings outside the c...
Webwiz Web Wiz Forums 9.07
Webwiz Web Wiz Newspad 1.02
Webwiz Web Wiz Rich Text Editor 4.0
2 EDB exploits
7.8
CVSSv2
CVE-2011-0349
Unspecified vulnerability in Cisco IOS 12.4(24)MD prior to 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote malicious users to cause a denial of service (device hang or reload) via crafted TCP packets, aka Bug ID CSCth17178, a different...
Cisco Ios 12.4(24)md
Cisco Ios 12.4(24)md1
7.8
CVSSv2
CVE-2011-0350
Unspecified vulnerability in Cisco IOS 12.4(24)MD prior to 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote malicious users to cause a denial of service (device hang or reload) via crafted TCP packets, aka Bug ID CSCth41891, a different...
Cisco Ios 12.4(24)md
Cisco Ios 12.4(24)md1
6.4
CVSSv2
CVE-2011-0348
Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD prior to 12.4(24)MD3, 12.4(22)MDA prior to 12.4(22)MDA5, and 12.4(24)MDA prior to 12.4(24)MDA3 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote malicious users to bypass intended access restr...
Cisco Ios 12.4(11)md
Cisco Ios 12.4(15)md
Cisco Ios 12.4(22)md
Cisco Ios 12.4(22)mda
Cisco Ios 12.4(24)md
Cisco Ios 12.4(24)md1
Cisco Ios 12.4(24)mda
2.1
CVSSv2
CVE-2019-14858
A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub par...
Redhat Ansible Engine
Redhat Ansible Tower
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »