Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
655
VMScore
CVE-2012-6290
SQL injection vulnerability in ImageCMS prior to 4.2 allows remote authenticated administrators to execute arbitrary SQL commands via the q parameter to admin/admin_search/. NOTE: this can be leveraged using CSRF to allow remote unauthenticated malicious users to execute arbitrar...
Imagecms Imagecms
1 EDB exploit
855
VMScore
CVE-2013-5692
Directory traversal vulnerability in X2Engine X2CRM prior to 3.5 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the file parameter to index.php/admin/translationManager.
X2engine X2crm 3.0.1
X2engine X2crm 3.0
X2engine X2crm 2.9.1
X2engine X2crm 2.9
X2engine X2crm 1.2.1
X2engine X2crm 1.2.0
X2engine X2crm 1.1.0
X2engine X2crm 1.0.1
X2engine X2crm 1.0
X2engine X2crm 3.4
X2engine X2crm 3.3.2
X2engine X2crm 3.3.1
X2engine X2crm
X2engine X2crm 3.2
X2engine X2crm 3.1.1
X2engine X2crm 3.0.2
X2engine X2crm 2.8.1
X2engine X2crm 2.7.2
X2engine X2crm 1.3.1
X2engine X2crm 1.2.2
X2engine X2crm 3.3
X2engine X2crm 2.7
1 EDB exploit
435
VMScore
CVE-2013-5693
Cross-site scripting (XSS) vulnerability in X2Engine X2CRM prior to 3.5 allows remote malicious users to inject arbitrary web script or HTML via the model parameter to index.php/admin/editor.
X2engine X2crm 3.1.2
X2engine X2crm 3.1.1
X2engine X2crm 3.1
X2engine X2crm 3.0.2
X2engine X2crm 1.3.1
X2engine X2crm 1.3
X2engine X2crm 1.2.2
X2engine X2crm 1.2.1
X2engine X2crm 3.3.1
X2engine X2crm 3.2
X2engine X2crm 3.0.1
X2engine X2crm 2.9.1
X2engine X2crm 2.5.2
X2engine X2crm 2.2.1
X2engine X2crm 1.1.0
X2engine X2crm 1.0
X2engine X2crm
X2engine X2crm 3.4
X2engine X2crm 2.8.1
X2engine X2crm 2.8
X2engine X2crm 2.7.2
X2engine X2crm 2.7.1
1 EDB exploit
505
VMScore
CVE-2012-5451
Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi prior to 2.1.0.3974 allow remote malicious users to cause a denial of service (tvMobiliService service crash) via a long string in a (1) GET or (2) HEAD request to TCP port 30888.
Tvmobili Tvmobili
1 EDB exploit
935
VMScore
CVE-2012-0985
Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Connection Utility 4.7, 4.7.4, 4.8, 4.9, 4.10, and 4.11; and VAIO Easy Connect softwa...
Sony Vaio Pc Wireless Lan Wizard 1.0
Sony Smartwi Connection Utillity 4.7.4
Sony Smartwi Connection Utillity 4.8
Sony Vaio Wireless Wizard 3.0
Sony Smartwi Connection Utillity 4.7
Sony Vaio Easy Connect 1.1.0
Sony Vaio Wireless Wizard 1.00
Sony Vaio Wireless Wizard 1.00 64
Sony Smartwi Connection Utillity 4.9
Sony Smartwi Connection Utillity 4.10
Sony Vaio Wireless Wizard 1.01
Sony Vaio Wireless Wizard 2.0
Sony Smartwi Connection Utillity 4.11
Sony Vaio Easy Connect 1.0.0
1 EDB exploit
685
VMScore
CVE-2012-0997
Cross-site request forgery (CSRF) vulnerability in admin/index.php in 11in1 1.2.1 stable 12-31-2011 allows remote malicious users to hijack the authentication of administrators for requests that add new topics via an addTopic action.
11in1 11in1 1.2.1
1 EDB exploit
755
VMScore
CVE-2013-5639
Directory traversal vulnerability in users/login.php in Gnew 2013.1 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the gnew_language cookie.
Raoul Proenca Gnew
1 EDB exploit
505
VMScore
CVE-2013-2474
Directory traversal vulnerability in AWS XMS 2.5 allows remote malicious users to view arbitrary files via the 'what' parameter.
Aws-dms Aws Xms 2.5
1 EDB exploit
755
VMScore
CVE-2013-4879
SQL injection vulnerability in core/inc/bigtree/cms.php in BigTree CMS 4.0 RC2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO to index.php.
Bigtreecms Bigtree Cms 4.0
Bigtreecms Bigtree Cms
1 EDB exploit
685
VMScore
CVE-2013-4881
Cross-site request forgery (CSRF) vulnerability in core/admin/modules/users/create.php in BigTree CMS 4.0 RC2 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that create an administrative user via an add user action ...
Bigtreecms Bigtree Cms 4.0
Bigtreecms Bigtree Cms
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »