Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
larry w. cashdollar vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2018-1002005
These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter.
Kibokolabs Arigato Autoresponder And Newsletter
1 EDB exploit
7.5
CVSSv3
CVE-2018-9205
Vulnerability in avatar_uploader v7.x-1.0-beta8 , The code in view.php doesn't verify users or sanitize the file path.
Drupal Avatar Uploader 7.x-1.0
1 EDB exploit
9.8
CVSSv3
CVE-2016-1000123
Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla
Huge-it Video Gallery 1.0.9
1 EDB exploit
9.8
CVSSv3
CVE-2016-1000124
Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6
Huge-it Portfolio Gallery 1.0.6
1 EDB exploit
9.8
CVSSv3
CVE-2016-1000125
Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla
Huge-it Huge-it Catalog 1.0.7
1 EDB exploit
NA
CVE-2003-0265
Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local malicious users to gain root privileges by modifying the files before the permissions are changed.
Sap Sap Db 7.4.3.7 Beta
Sap Sap Db 7.3.29
1 EDB exploit
NA
CVE-2002-0296
The installation of Tarantella Enterprise 3 allows local users to overwrite arbitrary files via a symlink attack on the "spinning" temporary file.
Tarantella Tarantella Enterprise 3.10
Tarantella Tarantella Enterprise 3.11
Tarantella Tarantella Enterprise 3.0
Tarantella Tarantella Enterprise 3.01
Tarantella Tarantella Enterprise 3.20
1 EDB exploit
NA
CVE-2015-4414
Directory traversal vulnerability in download_audio.php in the SE HTML5 Album Audio Player (se-html5-album-audio-player) plugin 1.1.0 and previous versions for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Se Html5 Album Audio Player Project Se Html5 Album Audio Player
1 EDB exploit
NA
CVE-2015-4616
Directory traversal vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin prior to 1.2.5 for WordPress allows remote malicious users to create arbitrary files via a .. (dot dot) in the map_id parameter.
Easy2map Project Easy2map
1 EDB exploit
NA
CVE-2013-1948
converter.rb in the md2pdf gem 0.0.1 for Ruby allows context-dependent malicious users to execute arbitrary commands via shell metacharacters in a filename.
Rob Westgeest Md2pdf 0.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »