Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
log injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1229
Cross-site scripting (XSS) vulnerability in the Nullsoft ShoutcastServer 1.9.7 allows remote malicious users to inject arbitrary web script or HTML via the top-level URI on the Incoming interface (port 8001/tcp), which is not properly handled in the administrator interface when v...
Nullsoft Shoutcast Server 1.9.7
1 EDB exploit
7.2
CVSSv3
CVE-2019-1862
A vulnerability in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote malicious user to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected softwa...
Cisco Ios Xe 16.3.7
1 Article
NA
CVE-2008-6509
SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and previous versions allows remote malicious users to execute arbitrary SQL commands via the type parameter to sipark-log-summary.jsp.
Igniterealtime Openfire 3.2.2
Igniterealtime Openfire
Igniterealtime Openfire 3.0.0
Igniterealtime Openfire 3.0.1
Igniterealtime Openfire 3.2.1
Igniterealtime Openfire 3.4.4
Igniterealtime Openfire 3.1.0
Igniterealtime Openfire 3.4.0
Igniterealtime Openfire 3.6.0
Igniterealtime Openfire 3.2.3
Igniterealtime Openfire 3.4.5
Igniterealtime Openfire 3.3.2
Igniterealtime Openfire 3.2.0
Igniterealtime Openfire 3.5.0
Igniterealtime Openfire 3.4.3
Igniterealtime Openfire 2.6.1
Igniterealtime Openfire 2.6.0
Igniterealtime Openfire 2.6.2
Igniterealtime Openfire 3.1.1
Igniterealtime Openfire 3.5.2
Igniterealtime Openfire 3.3.3
Igniterealtime Openfire 3.5.1
1 EDB exploit
NA
CVE-2011-1524
Cross-site scripting (XSS) vulnerability in the management login GUI page in Symantec LiveUpdate Administrator (LUA) prior to 2.3 allows remote malicious users to inject arbitrary web script or HTML via the username field, as demonstrated by injecting an IFRAME element into the e...
Symantec Liveupdate Administrator 2.2.2
Symantec Liveupdate Administrator 2.1.2
Symantec Liveupdate Administrator 2.1.3
Symantec Liveupdate Administrator 2.1.0
Symantec Liveupdate Administrator
Symantec Liveupdate Administrator 2.2.1
1 EDB exploit
4.1
CVSSv3
CVE-2021-1475
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote malicious user to perform formula and link injection attacks on an affected device. For more information about these vulnerabilities...
Cisco Umbrella -
8.6
CVSSv3
CVE-2021-1474
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote malicious user to perform formula and link injection attacks on an affected device. For more information about these vulnerabilities...
Cisco Umbrella -
NA
CVE-2006-0733
Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote malicious users to inject arbitrary web script or HTML via scriptable attributes such as (1) onfocus and (2) onblur in the "author's website" field. NOTE: followup comments to the researcher&...
Wordpress Wordpress 2.0
1 EDB exploit
NA
CVE-2008-1926
Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and previous versions makes it easier for remote malicious users to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login ...
Linux Util-linux 2.13.0.1
Linux Util-linux 2.13
Linux Util-linux 2.13.1
Linux Util-linux 2.13.1.1
Linux Util-linux 2.14
NA
CVE-2003-0521
Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote malicious users to insert arbitrary HTML and possibly gain cPanel administrator privileges via script in a URL that is logged but not properly quoted when displayed via the (1) Error Log or (2) Latest Visitors...
Cpanel Cpanel 6.4
Cpanel Cpanel 5.3
Cpanel Cpanel 5.0
Cpanel Cpanel 6.0
Cpanel Cpanel 6.4.1
Cpanel Cpanel 6.4.2 Stable 48
Cpanel Cpanel 6.4.2
Cpanel Cpanel 6.2
1 EDB exploit
NA
CVE-2007-2191
Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote malicious users to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full an...
Freepbx Freepbx 2.2.1
Freepbx Freepbx 2.2 Rc1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »