Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
the address book the address book vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2020-1771
Attacker is able craft an article with a link to the customer address book with malicious content (JavaScript). When agent opens the link, JavaScript code is executed due to the missing parameter encoding. This issue affects: ((OTRS)) Community Edition: 6.0.26 and prior versions....
Otrs Otrs
6.5
CVSSv2
CVE-2014-5140
The bindReplace function in the query factory in includes/classes/database.php in Loaded Commerce 7 does not properly handle : (colon) characters, which allows remote authenticated users to conduct SQL injection attacks via the First name and Last name fields in the address book.
Loadedcommerce Loaded7 -
1 EDB exploit
NA
CVE-2014-125053
A vulnerability was found in Piwigo-Guest-Book up to 1.3.0. It has been declared as critical. This vulnerability affects unknown code of the file include/guestbook.inc.php of the component Navigation Bar. The manipulation of the argument start leads to sql injection. Upgrading to...
Piwigo Guestbook
NA
CVE-2023-39959
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.9, 26.0.4, and 27.0.1, unauthenticated users could send a DAV request which reveals whether a calendar or an address book with the given iden...
Nextcloud Nextcloud Server 27.0.0
Nextcloud Nextcloud Server
NA
CVE-2023-3791
A vulnerability was found in IBOS OA 4.5.5 and classified as critical. Affected by this issue is the function actionExport of the file ?r=contact/default/export of the component Personal Office Address Book. The manipulation leads to sql injection. The attack may be launched remo...
Ibos Ibos 4.5.5
4.3
CVSSv2
CVE-2009-1729
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express 6 2005Q4 (aka 6.2) and 6.3 allow remote malicious users to inject arbitrary web script or HTML via (1) the abperson_displayName parameter to uwc/abs/search.xml in the Add Contact impleme...
Sun Java System Communications Express 6.3
Sun Java System Communications Express 6.2
2 EDB exploits
5
CVSSv2
CVE-2005-2696
IBM Lotus Notes does not properly restrict access to password hashes in the Notes Address Book (NAB), which allows remote malicious users to obtain sensitive information via the (1) password digest field in the Administration tab of a Lotus Notes client, (2) "PasswordDigest&...
Ibm Lotus Notes
3.5
CVSSv2
CVE-2021-43774
A risky-algorithm issue exists on Fujifilm DocuCentre-VI C4471 1.8 devices. An attacker that obtained access to the administrative web interface of a printer (e.g., by using the default credentials) can download the address book file, which contains the list of users (domain user...
Fujifilm Apeosport-iv 7080 Firmware -
Fujifilm Apeosport-iv 6080 Firmware -
Fujifilm Apeosport-iv 5080 Firmware -
Fujifilm Apeosport-iv 3065 Firmware
Fujifilm Apeosport-iv 3060 Firmware
Fujifilm Apeosport-iv 2060 Firmware
Fujifilm Apeosport-iv 5070 Firmware
Fujifilm Apeosport-iv 4070 Firmware
Fujifilm Apeosport-iv 3070 Firmware
Fujifilm Apeosport-iv C4430 Firmware
Fujifilm Apeosport-iv C5570 Firmware -
Fujifilm Apeosport-iv C4470 Firmware -
Fujifilm Apeosport-iv C3370 Firmware -
Fujifilm Apeosport-iv C2270 Firmware -
Fujifilm Apeosport-iv C5575 Firmware -
Fujifilm Apeosport-iv C4475 Firmware -
Fujifilm Apeosport-iv C3375 Firmware -
Fujifilm Apeosport-iv C2275 Firmware -
Fujifilm Apeosport-iv C7780 Firmware -
Fujifilm Apeosport-iv C6680 Firmware -
Fujifilm Apeosport-iv C5580 Firmware -
Fujifilm Apeosport-v 4020 Firmware
6.8
CVSSv2
CVE-2021-24083
Windows Address Book Remote Code Execution Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows 10 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows Server 2016 1909
Microsoft Windows 10 1909
Microsoft Windows 10 2004
Microsoft Windows Server 2016 2004
Microsoft Windows 10 20h2
Microsoft Windows Server 2016 20h2
10
CVSSv2
CVE-2022-24293
Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.
Hp Laserjet Pro M453-m454 W1y40a Firmware
Hp Laserjet Pro M453-m454 W1y41a Firmware
Hp Laserjet Pro M453-m454 W1y46a Firmware
Hp Laserjet Pro M453-m454 W1y47a Firmware
Hp Laserjet Pro M453-m454 W1y44a Firmware
Hp Laserjet Pro M453-m454 W1y45a Firmware
Hp Laserjet Pro M453-m454 W1y43a Firmware
Hp Laserjet Pro Mfp M478-m479 W1a75a Firmware
Hp Laserjet Pro Mfp M478-m479 W1a76a Firmware
Hp Laserjet Pro Mfp M478-m479 W1a77a Firmware
Hp Laserjet Pro Mfp M478-m479 W1a81a Firmware
Hp Laserjet Pro Mfp M478-m479 W1a82a Firmware
Hp Laserjet Pro Mfp M478-m479 W1a79a Firmware
Hp Laserjet Pro Mfp M478-m479 W1a80a Firmware
Hp Laserjet Pro Mfp M478-m479 W1a78a Firmware
Hp Laserjet Pro M304-m305 W1a66a Firmware
Hp Laserjet Pro M304-m305 W1a46a Firmware
Hp Laserjet Pro M304-m305 W1a47a Firmware
Hp Laserjet Pro M304-m305 W1a48a Firmware
Hp Laserjet Pro M304-m305 W1a51a Firmware
Hp Laserjet Pro M304-m305 W1a53a Firmware
Hp Laserjet Pro M304-m305 W1a56a Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »