Vulmon
validation vulnerabilities and exploits
10
CVSSv2
CVE-2003-1245
index2.php in Mambo 4.0.12 allows remote malicious users to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie.
1 EDB exploit
6.8
CVSSv2
CVE-2008-2942
Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted malicious users to modify arbitrary files via ".." (dot dot) sequences in a patch file.
Mercurial Mercurial 1.0.1
3.5
CVSSv2
CVE-2011-1401
ikiwiki prior to 3.20110328 does not ascertain whether the htmlscrubber plugin is enabled during processing of the "meta stylesheet" directive, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS)...
Ikiwiki Ikiwiki 2.19
Ikiwiki Ikiwiki 2.18
Ikiwiki Ikiwiki 3.1415
Ikiwiki Ikiwiki 3.10
Ikiwiki Ikiwiki 3.11
Ikiwiki Ikiwiki 3.12
Ikiwiki Ikiwiki 2.60
Ikiwiki Ikiwiki 2.64
Ikiwiki Ikiwiki 2.65
Ikiwiki Ikiwiki 2.62.1
Ikiwiki Ikiwiki 3.02
Ikiwiki Ikiwiki 3.01
Ikiwiki Ikiwiki 3.09
Ikiwiki Ikiwiki 3.08
Ikiwiki Ikiwiki 2.31.3
Ikiwiki Ikiwiki 2.43
Ikiwiki Ikiwiki 2.42
Ikiwiki Ikiwiki 2.44
Ikiwiki Ikiwiki 2.48
Ikiwiki Ikiwiki 2.49
Ikiwiki Ikiwiki 2.54
Ikiwiki Ikiwiki 2.55
6.8
CVSSv2
CVE-2006-2803
Multiple cross-site scripting (XSS) vulnerabilities in PHP ManualMaker 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) id parameter to index.php, (2) search field (possibly the s parameter), or (3) comment field.
Deltascripts Php Manualmaker 1.0
1 EDB exploit
NA
CVE-2021-465592
Moxa TN-5900 versions 3.1.0 and below use an insecure method to validate firmware updates. A malicious user with access to the management interface can upload arbitrary code in a crafted
7.5
CVSSv2
CVE-2007-5181
SQL injection vulnerability in detay.asp in Netkamp Emlak Scripti allows remote malicious users to execute arbitrary SQL commands via the ilan_id parameter.
Netkamp Netkamp Emlak Scripti
1 EDB exploit
7.5
CVSSv2
CVE-2004-1601
Directory traversal vulnerability in index.php in CoolPHP 1.0-stable allows remote malicious users to access arbitrary files and execute local PHP scripts via a .. (dot dot) in the op parameter.
Coolphp Coolphp Web Portal 1.0 Stable
1 EDB exploit
6.8
CVSSv2
CVE-2012-4077
Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via the sed e option, aka Bug IDs CSCtf25457 and CSCtf27651.
Cisco Nx-os -
6.8
CVSSv2
CVE-2012-4121
Cisco NX-OS allows local users to gain privileges, and read or modify arbitrary files, via the sed (1) r and (2) w commands, aka Bug IDs CSCts56559, CSCts56565, CSCts56570, and CSCts56574.
Cisco Nx-os -
6.2
CVSSv2
CVE-2012-4122
The CLI parser in Cisco NX-OS allows local users to bypass intended access restrictions, and overwrite or create arbitrary files, via shell output redirection, aka Bug IDs CSCts56672 and CSCts56669.
Cisco Nx-os -