Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2000-0101
The Make-a-Store OrderPage shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
Make-a-store Orderpage
5
CVSSv2
CVE-2015-6355
The web interface in Cisco Unified Computing System (UCS) 2.2(5b)A on blade servers allows remote malicious users to obtain potentially sensitive version information by visiting an unspecified URL, aka Bug ID CSCuw87226.
Cisco Unified Computing System 2.2\\(5b\\)a
6.8
CVSSv2
CVE-2010-1454
com.springsource.tcserver.serviceability.rmi.JmxSocketListener in VMware SpringSource tc Server Runtime 6.0.19 and 6.0.20 prior to 6.0.20.D, and 6.0.25.A prior to 6.0.25.A-SR01, does not properly enforce the requirement for an encrypted (aka s2enc) password, which allows remote m...
Vmware Tc Server 6.0.25.a
Vmware Tc Server 6.0.20.a
Vmware Tc Server 6.0.19.a
Vmware Tc Server 6.0.20
Vmware Tc Server 6.0.20.b
Vmware Tc Server 6.0.20.c
Vmware Tc Server 6.0.19
3.3
CVSSv2
CVE-2007-4590
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.
Hp Dynrootdisk A.1.0.16.417
Hp Dynrootdisk A.2.0.0.592
Hp Dynrootdisk A.1.0.18.245
Hp Dynrootdisk A.1.1.0.344
Hp Hp-ux 11.23
Hp Hp-ux 11.31
Hp Hp-ux 11.11
Hp Ignite-ux C.7.1.92
Hp Ignite-ux C.7.2.93
Hp Ignite-ux C.7.3.144
Hp Ignite-ux C.7.0.212
5
CVSSv2
CVE-2015-1320
The SeaMicro provisioning of Ubuntu MAAS logs credentials, including username and password, for the management interface. This issue affects Ubuntu MAAS versions before 1.9.2.
Canonical Metal As A Service
7.2
CVSSv2
CVE-2000-0296
fcheck allows local users to gain privileges by embedding shell metacharacters into file names that are processed by fcheck.
Michael A. Gumienny Fcheck 2.7.45
5
CVSSv2
CVE-2008-3728
Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to determine the installation path, IP addresses, and error messages via direct reque...
Microworld Technologies Mailscan 5.6.a
7.5
CVSSv2
CVE-2007-4207
SQL injection vulnerability in admin_console/index.asp in Gallery In A Box allows remote malicious users to execute arbitrary SQL commands via the (1) Username or (2) Password field. NOTE: these fields might be associated with the txtUsername and txtPassword parameters.
Kerberosdev Gallery In A Box
7.5
CVSSv2
CVE-2005-4064
Multiple SQL injection vulnerabilities in A-FAQ 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) faqid parameter to faqDspItem.asp and (2) catcode parameter to faqDsp.asp.
Alan Ward A-faq 1.0
2 EDB exploits
7.5
CVSSv2
CVE-2006-1658
Direct static code injection vulnerability in ticker.db.php in Chucky A. Ivey N.T. 1.1.0 allows remote administrators to insert arbitrary PHP code into the config file, which is included other N.T. scripts.
Chucky A. Ivey N.t. 1.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »