Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-4424
SQL injection vulnerability in results.php in the Pyrmont plugin 2 for WordPress allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Imotta Pyrmont Plugin 2
1 EDB exploit
6.8
CVSSv2
CVE-2009-4426
Multiple directory traversal vulnerabilities in Ignition 1.2, when magic_quotes_gpc is disabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the blog parameter to (1) comment.php and (2) view.php.
Launchpad Ignition 1.2
1 EDB exploit
3.5
CVSSv2
CVE-2009-4429
Cross-site scripting (XSS) vulnerability in the Sections module 5.x prior to 5.x-1.3 and 6.x prior to 6.x-1.3 for Drupal allows remote authenticated users with "administer sections" privileges to inject arbitrary web script or HTML via a section name (aka the Name field...
Alexander Hass Sections Module 5.x-1.2
Alexander Hass Sections Module 6.x-1.x-dev
Alexander Hass Sections Module 6.x-1.1
Alexander Hass Sections Module 6.x-1.0
Alexander Hass Sections Module 5.x-1.x-dev
Alexander Hass Sections Module 6.x-1.2
Alexander Hass Sections Module 5.x-1.1
Alexander Hass Sections Module 5.x-1.0
2 EDB exploits
4.6
CVSSv2
CVE-2019-14601
Improper permissions in the installer for Intel(R) RWC 3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Raid Web Console 3
1 Article
4.6
CVSSv2
CVE-2019-14602
Improper permissions in the installer for the Nuvoton* CIR Driver versions 1.02.1002 and before may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Nuvoton Consumer Infrared
5
CVSSv2
CVE-2002-0583
WorkforceROI Xpede 4.1 uses a small random namespace (5 alphanumeric characters) for temporary expense claim reports in the /reports/temp directory, which allows remote malicious users to read the reports via a brute force attack.
Workforceroi Xpede 4.1
7.5
CVSSv2
CVE-2002-0590
Cross-site scripting (CSS) vulnerability in IcrediBB 1.1 Beta allows remote malicious users to execute arbitrary script and steal cookies as other IcrediBB users via the (1) title or (2) body of posts.
Icredibb Icredibb 1.1 Beta
1 EDB exploit
5
CVSSv2
CVE-2002-0591
Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and previous versions allows remote malicious users to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename.
Aol Instant Messenger 4.1
Aol Instant Messenger 4.6
Aol Instant Messenger 4.8 Beta
Aol Instant Messenger 4.2
Aol Instant Messenger 4.3
Aol Instant Messenger 4.4
Aol Instant Messenger 4.5
Aol Instant Messenger 4.0
Aol Instant Messenger 4.7
1 EDB exploit
4.3
CVSSv2
CVE-2021-44436
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted JT files. An attacker...
Siemens Jt Open Toolkit
Siemens Jt Utilities
6.8
CVSSv2
CVE-2021-44437
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This c...
Siemens Jt Open Toolkit
Siemens Jt Utilities
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »