Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-0793
Multiple cross-site scripting (XSS) vulnerabilities in the StackIdeas Komento (com_komento) component prior to 1.7.3 for Joomla! allow remote malicious users to inject arbitrary web script or HTML via the (1) website or (2) latitude parameter in a comment to the default URI.
Stackideas Komento 1.7.1
Stackideas Komento 1.7.0
Stackideas Komento
1 EDB exploit
NA
CVE-2012-6290
SQL injection vulnerability in ImageCMS prior to 4.2 allows remote authenticated administrators to execute arbitrary SQL commands via the q parameter to admin/admin_search/. NOTE: this can be leveraged using CSRF to allow remote unauthenticated malicious users to execute arbitrar...
Imagecms Imagecms
1 EDB exploit
NA
CVE-2014-2987
Multiple cross-site request forgery (CSRF) vulnerabilities in EGroupware Enterprise Line (EPL) prior to 1.1.20140505, EGroupware Community Edition prior to 1.8.007.20140506, and EGroupware prior to 14.1 beta allow remote malicious users to hijack the authentication of administrat...
Egroupware Egroupware
1 EDB exploit
8.8
CVSSv3
CVE-2014-3119
Multiple SQL injection vulnerabilities in web2Project 3.1 and previous versions allow remote authenticated users to execute arbitrary SQL commands via the (1) search_string parameter in the contacts module to index.php or allow remote malicious users to execute arbitrary SQL comm...
Web2project Web2project
1 EDB exploit
NA
CVE-2012-4772
SQL injection vulnerability in register/ in Subrion CMS prior to 2.2.3 allows remote malicious users to execute arbitrary SQL commands via the plan_id parameter.
Intelliants Subrion Cms 2.2.1
Intelliants Subrion Cms 2.2.0
Intelliants Subrion Cms 2.0.4
Intelliants Subrion Cms
1 EDB exploit
NA
CVE-2014-2540
SQL injection vulnerability in OrbitScripts Orbit Open Ad Server prior to 1.1.1 allows remote malicious users to execute arbitrary SQL commands via the site_directory_sort_field parameter to guest/site_directory.
Orbitscripts Orbit Open Ad Server
1 EDB exploit
NA
CVE-2014-2579
Multiple cross-site request forgery (CSRF) vulnerabilities in XCloner Standalone 3.5 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) change the administrator password via the config task to index2.php or (2) ...
Xcloner Xcloner
1 EDB exploit
NA
CVE-2012-3953
SQL injection vulnerability in admin/index.php in phpList prior to 2.10.19 allows remote administrators to execute arbitrary SQL commands via the delete parameter to the editattributes page.
Phplist Phplist 2.10.12
Phplist Phplist 2.10.11
Phplist Phplist 2.10.3
Phplist Phplist 2.10.2
Phplist Phplist 2.6.5
Phplist Phplist
Phplist Phplist 2.10.10
Phplist Phplist 2.10.9
Phplist Phplist 2.10.1
Phplist Phplist 2.8.12
Phplist Phplist 2.10.15
Phplist Phplist 2.10.14
Phplist Phplist 2.10.13
Phplist Phplist 2.10.5
Phplist Phplist 2.10.4
Phplist Phplist 2.7.2
Phplist Phplist 2.7.1
Phplist Phplist 2.10.17
Phplist Phplist 2.10.16
Phplist Phplist 2.10.8
Phplist Phplist 2.10.7
Phplist Phplist 2.8.7
1 EDB exploit
8.8
CVSSv3
CVE-2012-5698
BabyGekko prior to 1.2.4 has SQL injection.
Babygekko Babygekko
1 EDB exploit
9.8
CVSSv3
CVE-2012-5699
BabyGekko prior to 1.2.4 allows PHP file inclusion.
Babygekko Babygekko
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »