Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerability-lab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4258
Multiple SQL injection vulnerabilities in MYRE Real Estate Software (2012 Q2) allow remote malicious users to execute arbitrary SQL commands via the (1) link_idd parameter to 1_mobile/listings.php or (2) userid parameter to 1_mobile/agentprofile.php.
Myrephp Myre Real Estate Software 2012
2 EDB exploits
NA
CVE-2013-7025
Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or...
Sonicwall Global Management System 7.1
Sonicwall Analyzer 7.1
Sonicwall Global Management System 7.0
Sonicwall Analyzer 7.0
Sonicwall Uma E5000 Firmware 7.0
Sonicwall Uma E5000 Firmware 7.1
1 EDB exploit
NA
CVE-2013-6794
Cross-site scripting (XSS) vulnerability in the Calendar module in Olat 7.8.0.1 (b20130821 N1) allows remote malicious users to inject arbitrary web script or HTML via the Location field. NOTE: the provenance of this information is unknown; the details are obtained solely from th...
Olat Olat 7.8.0.1
1 EDB exploit
NA
CVE-2011-5228
Cross-site scripting (XSS) vulnerability in the Search module (quickstart/search) in appRain CMF 0.1.5 allows remote malicious users to inject arbitrary web script or HTML via the ss parameter.
Apprain Apprain 0.1.5
1 EDB exploit
NA
CVE-2012-3839
Multiple SQL injection vulnerabilities in application/core/MY_Model.php in MyClientBase 0.12 allow remote malicious users to execute arbitrary SQL commands via the (1) invoice_number or (2) tags parameter to index.php/invoice_search.
Myclientbase Myclientbase 0.12
1 EDB exploit
NA
CVE-2012-3840
Multiple cross-site scripting (XSS) vulnerabilities in index.php/users/form/user_id in MyClientBase 0.12 allow remote malicious users to inject arbitrary web script or HTML via the (1) first_name or (2) last_name parameters.
Myclientbase Myclientbase 0.12
1 EDB exploit
NA
CVE-2013-1471
Multiple cross-site scripting (XSS) vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail prior to 4.3.4 on FortiMail Identity-Based Encryption (IBE) appliances allow user-assisted remote malicious users to inject arbitrary web script or HTML via (1) the Add field for the B...
Fortinet Fortimail 3.0
Fortinet Fortimail 4.0
Fortinet Fortimail
1 EDB exploit
NA
CVE-2008-0474
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Applications Manager 8.1 build 8100 allow remote malicious users to inject arbitrary web script or HTML via the (1) showlink parameter to jsp/DiscoveryProfiles.jsp; the (2) attributeIDs, (3) attributeToSelect, (4...
Manageengine Applications Manager 8.1 Build 8100
1 EDB exploit
NA
CVE-2013-3179
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote malicious users to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Foundation 2010
Microsoft Sharepoint Server 2007
Microsoft Sharepoint Services 3.0
1 EDB exploit
NA
CVE-2014-2879
Multiple cross-site scripting (XSS) vulnerabilities in Dell SonicWALL Email Security 7.4.5 and previous versions allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the uploadPatch parameter to the System/Advanced page (settings_advanced.html)...
Sonicwall Email Security Appliance
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »