Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2013-0183
multipart/parser.rb in Rack 1.3.x prior to 1.3.8 and 1.4.x prior to 1.4.3 allows remote malicious users to cause a denial of service (memory consumption and out-of-memory error) via a long string in a Multipart HTTP packet.
Rack Project Rack 1.3.1
Rack Project Rack 1.3.7
Rack Project Rack 1.3.2
Rack Project Rack 1.3.5
Rack Project Rack 1.3.6
Rack Project Rack 1.3.0
Rack Project Rack 1.3.4
Rack Project Rack 1.3.3
Rack Project Rack 1.4.2
Rack Project Rack 1.4.0
Rack Project Rack 1.4.1
383
VMScore
CVE-2013-0289
Isync 0.4 prior to 1.0.6, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary valid certificate...
Isync Project Isync 1.0.2
Isync Project Isync 1.0.1
Isync Project Isync 1.0.0
Isync Project Isync 0.8
Isync Project Isync 1.0.5
Isync Project Isync 1.0.4
Isync Project Isync 1.0.3
Isync Project Isync 0.5
Isync Project Isync 0.4
Isync Project Isync 0.7
Isync Project Isync 0.6
645
VMScore
CVE-2006-1128
Directory traversal vulnerability in the session handling class (GallerySession.class) in Gallery 2 up to 2.0.2 allows remote malicious users to access and delete files by specifying the session in a cookie, which is used in constructing file paths before the session value is san...
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Beta2
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0.2
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.0 Alpha
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.0 Alpha3
1 EDB exploit
445
VMScore
CVE-2005-4021
The installer for Gallery 2.0 prior to 2.0.2 stores the install log under the web document root with insufficient access control, which allows remote malicious users to obtain sensitive information.
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Beta2
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.0 Rc2
Gallery Project Gallery 2.0 Alpha3
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.0 Rc1
NA
CVE-2015-10045
A vulnerability, which was classified as critical, was found in tutrantta project_todolist. Affected is the function getAffectedRows/where/insert/update in the library library/Database.php. The manipulation leads to sql injection. The name of the patch is 194a0411bbe11aa4813f13c6...
Project Todolist Project Project Todolist
435
VMScore
CVE-2008-2398
Cross-site scripting (XSS) vulnerability in index.php in AppServ Open Project 2.5.10 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the appservlang parameter.
Appserv Open Project Appserv 1.4.0
Appserv Open Project Appserv 1.5.0
Appserv Open Project Appserv 2.2.0
Appserv Open Project Appserv 2.3.0
Appserv Open Project Appserv 2.4.5
Appserv Open Project Appserv 2.4.6
Appserv Open Project Appserv 2.5.4
Appserv Open Project Appserv 2.5.4a
Appserv Open Project Appserv 1.8.0
Appserv Open Project Appserv 1.9.0
Appserv Open Project Appserv 2.4.2
Appserv Open Project Appserv 2.4.3
Appserv Open Project Appserv 2.4.9
Appserv Open Project Appserv 2.5
Appserv Open Project Appserv 2.5.1
Appserv Open Project Appserv 2.5.7
Appserv Open Project Appserv 2.5.8
Appserv Open Project Appserv 1.6.0
Appserv Open Project Appserv 1.7.0
Appserv Open Project Appserv 2.4
Appserv Open Project Appserv 2.4.1
Appserv Open Project Appserv 2.4.7
1 EDB exploit
445
VMScore
CVE-2018-10769
The transferProxy and approveProxy functions of a smart contract implementation for SmartMesh (SMT), an Ethereum ERC20 token, allow malicious users to accomplish an unauthorized transfer of digital assets because replay attacks can occur with the same-named functions (with the sa...
Smartmesh Project Smartmesh -
Ugtoken Project Ugtoken -
Gg Token Project Gg Token -
First Project First -
Mtc Project Mtc -
Mesh Project Mesh -
605
VMScore
CVE-2013-2699
Cross-site request forgery (CSRF) vulnerability in the underConstruction plugin prior to 1.09 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that deactivate a plugin via unspecified vectors.
Underconstruction Project Underconstruction 1.02
Underconstruction Project Underconstruction 1.04
Underconstruction Project Underconstruction 1.06
Underconstruction Project Underconstruction
Underconstruction Project Underconstruction 1.03
Underconstruction Project Underconstruction 1.0
Underconstruction Project Underconstruction 1.07
Underconstruction Project Underconstruction 1.05
Underconstruction Project Underconstruction 1.01
383
VMScore
CVE-2013-5943
Multiple cross-site scripting (XSS) vulnerabilities in Graphite prior to 0.9.11 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Graphite Project Graphite 0.9.6
Graphite Project Graphite 0.9.7
Graphite Project Graphite 0.9.8
Graphite Project Graphite 0.9.9
Graphite Project Graphite
Graphite Project Graphite 0.9.5
Graphite Project Graphite 0.9.3
Graphite Project Graphite 0.9.2
Graphite Project Graphite 0.9.4
383
VMScore
CVE-2010-2800
The MS-ZIP decompressor in cabextract prior to 1.3 allows remote malicious users to cause a denial of service (infinite loop) via a malformed MSZIP archive in a .cab file during a (1) test or (2) extract action, related to the libmspack library.
Cabextract Project Cabextract 0.4
Cabextract Project Cabextract 0.2
Cabextract Project Cabextract
Cabextract Project Cabextract 1.1
Cabextract Project Cabextract 1.0
Cabextract Project Cabextract 0.6
Cabextract Project Cabextract 0.5
Cabextract Project Cabextract 0.3
Cabextract Project Cabextract 0.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »