Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-47268
PrusaSlicer versions 2.6.1 and below suffer from an arbitrary code execution vulnerability.
7.4
CVSSv3
CVE-2023-33291
In ebankIT 6, the public endpoints /public/token/Email/generate and /public/token/SMS/generate allow generation of OTP messages to any e-mail address or phone number without validation. (It cannot be exploited with e-mail addresses or phone numbers that are registered in the appl...
Ebankit Ebankit 6
NA
CVE-2000-0853
YaBB Bulletin Board 9.1.2000 allows remote malicious users to read arbitrary files via a .. (dot dot) attack.
Yabb Yabb 2000-09-01
1 EDB exploit
NA
CVE-2001-0274
kicq IRC client 1.0.0, and possibly later versions, allows remote malicious users to execute arbitrary commands via shell metacharacters in a URL.
Kicq Kicq 1.0.0
1 EDB exploit
NA
CVE-1999-1479
The textcounter.pl by Matt Wright allows remote malicious users to execute arbitrary commands via shell metacharacters.
Matt Wright Textcounter 1.2
1 EDB exploit
NA
CVE-2009-4148
DAZ Studio 2.3.3.161, 2.3.3.163, and 3.0.1.135 allows remote malicious users to execute arbitrary JavaScript code via a (1) .ds, (2) .dsa, (3) .dse, or (4) .dsb file, as demonstrated by code that loads the WScript.Shell ActiveX control, related to a "script injection vulnera...
Daz3d Daz Studio 2.3.3.161
Daz3d Daz Studio 2.3.3.163
Daz3d Daz Studio 3.0.1.135
1 EDB exploit
NA
CVE-2007-1303
Directory traversal vulnerability in rb.cgi in RRDBrowse 1.6 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Rrdbrowse Rrdbrowse
1 EDB exploit
NA
CVE-2009-0753
Absolute path traversal vulnerability in MLDonkey 2.8.4 up to and including 2.9.7 allows remote malicious users to read arbitrary files via a leading "//" (double slash) in the filename.
Mldonkey Mldonkey 2.9.0-r3
Mldonkey Mldonkey 2.9.7
Mldonkey Mldonkey 2.8.4
Mldonkey Mldonkey 2.9
Mldonkey Mldonkey 2.8.7
1 EDB exploit
NA
CVE-2014-3782
Multiple incomplete blacklist vulnerabilities in the filemanager::isFileExclude method in the Media Manager in Dotclear prior to 2.6.3 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) double extension or (2) .php5, (3) .phtml, or some ...
Dotclear Dotclear 2.6.1
Dotclear Dotclear 2.6
Dotclear Dotclear
NA
CVE-2008-2347
MyPicGallery 1.0 allows remote malicious users to bypass application authentication and gain administrative access by setting the userID parameter to "admin" in a direct request to admin/addUser.php.
Mypicgallery Mypicgallery 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »