Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-5786
Multiple PHP remote file inclusion vulnerabilities in GoSamba 1.0.1 allow remote malicious users to execute arbitrary PHP code via a URL in the include_path parameter to (1) HTML_oben.php, (2) inc_freigabe.php, (3) inc_freigabe1.php, or (4) inc_freigabe3.php in include/; (5) inc_...
A-enterprise Gosamba 1.0.1
1 EDB exploit
5
CVSSv2
CVE-2015-6355
The web interface in Cisco Unified Computing System (UCS) 2.2(5b)A on blade servers allows remote malicious users to obtain potentially sensitive version information by visiting an unspecified URL, aka Bug ID CSCuw87226.
Cisco Unified Computing System 2.2\\(5b\\)a
6.8
CVSSv2
CVE-2010-1454
com.springsource.tcserver.serviceability.rmi.JmxSocketListener in VMware SpringSource tc Server Runtime 6.0.19 and 6.0.20 prior to 6.0.20.D, and 6.0.25.A prior to 6.0.25.A-SR01, does not properly enforce the requirement for an encrypted (aka s2enc) password, which allows remote m...
Vmware Tc Server 6.0.25.a
Vmware Tc Server 6.0.20.a
Vmware Tc Server 6.0.19.a
Vmware Tc Server 6.0.20
Vmware Tc Server 6.0.20.b
Vmware Tc Server 6.0.20.c
Vmware Tc Server 6.0.19
3.3
CVSSv2
CVE-2007-4590
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.
Hp Dynrootdisk A.1.0.16.417
Hp Dynrootdisk A.2.0.0.592
Hp Dynrootdisk A.1.0.18.245
Hp Dynrootdisk A.1.1.0.344
Hp Hp-ux 11.23
Hp Hp-ux 11.31
Hp Hp-ux 11.11
Hp Ignite-ux C.7.1.92
Hp Ignite-ux C.7.2.93
Hp Ignite-ux C.7.3.144
Hp Ignite-ux C.7.0.212
NA
CVE-2023-2578
The Buy Me a Coffee WordPress plugin prior to 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisit...
Buymeacoffee Buy Me A Coffee
2.1
CVSSv2
CVE-2021-3425
A flaw was found in the AMQ Broker that discloses JDBC encrypted usernames and passwords when provided in the AMQ Broker application logfile when using the jdbc persistence functionality. Versions shipped in Red Hat AMQ 7 are vulnerable.
Redhat Jboss A-mq 7
7.2
CVSSv2
CVE-2000-0296
fcheck allows local users to gain privileges by embedding shell metacharacters into file names that are processed by fcheck.
Michael A. Gumienny Fcheck 2.7.45
4
CVSSv2
CVE-2018-10286
The Ericsson-LG iPECS NMS A.1Ac web application discloses sensitive information such as the NMS admin credentials and the PostgreSQL database credentials to logged-in users via the responses to certain HTTP POST requests. In order to be able to see the credentials in cleartext, a...
Ericssonlg Ipecs Nms A.1ac
1 EDB exploit
5
CVSSv2
CVE-2006-4089
Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and previous versions allow remote malicious users to cause a denial of service (application crash), or have other unknown impact, via (1) a long Location field sent by a web server, which triggers an overflow in the r...
Andy Lo-a-foe Alsaplayer
1 EDB exploit
7.5
CVSSv2
CVE-2007-4207
SQL injection vulnerability in admin_console/index.asp in Gallery In A Box allows remote malicious users to execute arbitrary SQL commands via the (1) Username or (2) Password field. NOTE: these fields might be associated with the txtUsername and txtPassword parameters.
Kerberosdev Gallery In A Box
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »