project vulnerabilities and exploits
5
CVSSv2
CVE-2013-0183
multipart/parser.rb in Rack 1.3.x prior to 1.3.8 and 1.4.x prior to 1.4.3 allows remote malicious users to cause a denial of service (memory consumption and out-of-memory error) via a long string in a Multipart HTTP packet.
Rack Project Rack 1.3.1
Rack Project Rack 1.3.7
Rack Project Rack 1.3.2
Rack Project Rack 1.3.5
Rack Project Rack 1.3.6
Rack Project Rack 1.3.0
Rack Project Rack 1.3.4
Rack Project Rack 1.3.3
Rack Project Rack 1.4.2
Rack Project Rack 1.4.0
Rack Project Rack 1.4.1
4.3
CVSSv2
CVE-2013-0289
Isync 0.4 prior to 1.0.6 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary valid certificate...
Isync Project Isync 1.0.2
Isync Project Isync 1.0.1
Isync Project Isync 1.0.0
Isync Project Isync 0.8
Isync Project Isync 1.0.5
Isync Project Isync 1.0.4
Isync Project Isync 1.0.3
Isync Project Isync 0.5
Isync Project Isync 0.4
Isync Project Isync 0.7
Isync Project Isync 0.6
5
CVSSv2
CVE-2005-4021
The installer for Gallery 2.0 prior to 2.0.2 stores the install log under the web document root with insufficient access control, which allows remote malicious users to obtain sensitive information.
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Beta2
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.0 Rc2
Gallery Project Gallery 2.0 Alpha3
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.0 Rc1
NA
CVE-2015-10045
A vulnerability, which was classified as critical, was found in tutrantta project_todolist. Affected is the function getAffectedRows/where/insert/update in the library library/Database.php. The manipulation leads to sql injection. The name of the patch is 194a0411bbe11aa4813f13c6...
Project Todolist Project Project Todolist
4.3
CVSSv2
CVE-2008-2398
Cross-site scripting (XSS) vulnerability in index.php in AppServ Open Project 2.5.10 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the appservlang parameter.
Appserv Open Project Appserv 1.4.0
Appserv Open Project Appserv 1.5.0
Appserv Open Project Appserv 2.2.0
Appserv Open Project Appserv 2.3.0
Appserv Open Project Appserv 2.4.5
Appserv Open Project Appserv 2.4.6
Appserv Open Project Appserv 2.5.4
Appserv Open Project Appserv 2.5.4a
Appserv Open Project Appserv 1.8.0
Appserv Open Project Appserv 1.9.0
Appserv Open Project Appserv 2.4.2
Appserv Open Project Appserv 2.4.3
Appserv Open Project Appserv 2.4.9
Appserv Open Project Appserv 2.5
Appserv Open Project Appserv 2.5.1
Appserv Open Project Appserv 2.5.7
Appserv Open Project Appserv 2.5.8
Appserv Open Project Appserv 1.6.0
Appserv Open Project Appserv 1.7.0
Appserv Open Project Appserv 2.4
Appserv Open Project Appserv 2.4.1
Appserv Open Project Appserv 2.4.7
1 EDB exploit
5
CVSSv2
CVE-2018-10769
The transferProxy and approveProxy functions of a smart contract implementation for SmartMesh (SMT), an Ethereum ERC20 token, allow malicious users to accomplish an unauthorized transfer of digital assets because replay attacks can occur with the same-named functions (with the sa...
Smartmesh Project Smartmesh -
Ugtoken Project Ugtoken -
Gg Token Project Gg Token -
First Project First -
Mtc Project Mtc -
Mesh Project Mesh -
4.3
CVSSv2
CVE-2010-2800
The MS-ZIP decompressor in cabextract prior to 1.3 allows remote malicious users to cause a denial of service (infinite loop) via a malformed MSZIP archive in a .cab file during a (1) test or (2) extract action, related to the libmspack library.
Cabextract Project Cabextract 0.4
Cabextract Project Cabextract 0.2
Cabextract Project Cabextract
Cabextract Project Cabextract 1.1
Cabextract Project Cabextract 1.0
Cabextract Project Cabextract 0.6
Cabextract Project Cabextract 0.5
Cabextract Project Cabextract 0.3
Cabextract Project Cabextract 0.1
5.1
CVSSv2
CVE-2010-2801
Integer signedness error in the Quantum decompressor in cabextract prior to 1.3, when archive test mode is used, allows user-assisted remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab...
Cabextract Project Cabextract 1.1
Cabextract Project Cabextract 1.0
Cabextract Project Cabextract 0.6
Cabextract Project Cabextract 0.5
Cabextract Project Cabextract
Cabextract Project Cabextract 0.2
Cabextract Project Cabextract 0.1
Cabextract Project Cabextract 0.4
Cabextract Project Cabextract 0.3
7.5
CVSSv2
CVE-2014-2211
SQL injection vulnerability in portal/addtoapplication.php in POSH (aka Posh portal or Portaneo) 3.0 prior to 3.3.0 allows remote malicious users to execute arbitrary SQL commands via the rssurl parameter.
Posh Project Posh 3.0
Posh Project Posh 3.1.2
Posh Project Posh 3.0.2
Posh Project Posh 3.0.3
Posh Project Posh 3.0.4
Posh Project Posh 3.1.0
Posh Project Posh 3.1.1
Posh Project Posh 3.0.1
Posh Project Posh
1 EDB exploit
6.8
CVSSv2
CVE-2013-2699
Cross-site request forgery (CSRF) vulnerability in the underConstruction plugin prior to 1.09 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that deactivate a plugin via unspecified vectors.
Underconstruction Project Underconstruction 1.02
Underconstruction Project Underconstruction 1.04
Underconstruction Project Underconstruction 1.06
Underconstruction Project Underconstruction
Underconstruction Project Underconstruction 1.03
Underconstruction Project Underconstruction 1.0
Underconstruction Project Underconstruction 1.07
Underconstruction Project Underconstruction 1.05
Underconstruction Project Underconstruction 1.01