Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web frontend vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2815
Multiple cross-site scripting (XSS) vulnerabilities in Two Shoes M-Factory (TSMF) SimpleBoard 1.1.0 Stable (aka com_simpleboard), as used in Mambo and Joomla!, allow remote malicious users to inject arbitrary web script or HTML via (1) the Name field in "post ne topic" ...
Two Shoes Mambo Factory Simpleboard 1.1.0 Stable
9.8
CVSSv3
CVE-2016-10134
SQL injection vulnerability in Zabbix prior to 2.2.14 and 3.0 prior to 3.0.4 allows remote malicious users to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php.
Zabbix Zabbix 3.0.2
Zabbix Zabbix 3.0.1
Zabbix Zabbix 3.0.0
Zabbix Zabbix
Zabbix Zabbix 3.0.3
5.3
CVSSv3
CVE-2022-36105
TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that observing response time during user authentication (backend and frontend) can be used to distinguish between existing and non-existing user accounts. Extension ...
Typo3 Typo3
NA
CVE-2008-0783
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 prior to 0.8.7b and 0.8.6 prior to 0.8.6k allow remote malicious users to inject arbitrary web script or HTML via (1) the view_type parameter to graph.php; (2) the filter parameter to graph_view.php; (3) the actio...
Cacti Cacti 0.8.7
Cacti Cacti 0.8.5a
Cacti Cacti 0.8.3
Cacti Cacti 0.8.2
Cacti Cacti 0.8.5
Cacti Cacti 0.8.7a
Cacti Cacti 0.8.6f
Cacti Cacti 0.8.6j
Cacti Cacti 0.8
Cacti Cacti 0.8.6i
Cacti Cacti 0.6.7
Cacti Cacti 0.8.1
Cacti Cacti 0.8.4
Cacti Cacti 0.8.6c
Cacti Cacti 0.8.2a
Cacti Cacti 0.8.3a
2 EDB exploits
5.3
CVSSv3
CVE-2021-41114
TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP Host header. TYPO3 uses the HTTP Host header, for example, to generate absolute...
Typo3 Typo3
NA
CVE-2014-4002
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote malicious users to inject arbitrary web script or HTML via the (1) drp_action parameter to cdef.php, (2) data_input.php, (3) data_queries.php, (4) data_sources.php, (5) data_templates.php, (6) graph_...
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Cacti Cacti 0.8.8b
7.8
CVSSv3
CVE-2022-31087
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions before 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php (and .php5/.php4/.phpt/etc) files. An attack...
Ldap-account-manager Ldap Account Manager
Debian Debian Linux 11.0
5.3
CVSSv3
CVE-2022-31088
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions before 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LDAP search configuration. This is...
Ldap-account-manager Ldap Account Manager
Debian Debian Linux 11.0
8.1
CVSSv3
CVE-2022-31084
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions before 8.0 There are cases where LAM instantiates objects from arbitrary classes. An attacker can inject the first constructor argument. T...
Ldap-account-manager Ldap Account Manager
Debian Debian Linux 11.0
7.5
CVSSv3
CVE-2018-14912
cgit_clone_objects in CGit prior to 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
Cgit Project Cgit
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »