Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lostmon vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-4880
Jax Guestbook 3.1 and 3.31 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain IP addresses of users via a direct request to (1) guestbook, (2) guestbook_ips2block, (3) ips2block, and (4) formmailer/logfi...
Jax Scripts Jax Guestbook 3.3.1
Jax Scripts Jax Guestbook 3.1
4 EDB exploits
NA
CVE-2007-4088
Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) id, (2) f, (3) quote, and (4) act parameters to cp.php; the (5) u parameter to user.php; the (6) f parameter to post.php; the (...
Vikingboard Vikingboard 0.1.2
4 EDB exploits
NA
CVE-2005-1403
Multiple cross-site scripting (XSS) vulnerabilities in JustWilliam's Amazon Webstore 04050100 allow remote malicious users to inject arbitrary web script or HTML via the (1) image parameter to closeup.php, the (2) currentIsExpanded or (3) searchFor parameters to index.php, (...
4 EDB exploits
NA
CVE-2005-2588
Multiple cross-site scripting (XSS) vulnerabilities in DVBBS 7.1 SP2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the page parameter to dispbbs.asp, (2) name parameter to dispuser.asp, or the (3) title, (4) view, or (5) act par...
Dvbbs Dvbbs 7.1
Dvbbs Dvbbs 7.1 Sp2
3 EDB exploits
NA
CVE-2008-4435
Multiple cross-site scripting (XSS) vulnerabilities in the RMSOFT Downloads Plus (rmdp) module 1.5 and 1.7 for Xoops allow remote malicious users to inject arbitrary web script or HTML via the (1) key parameter to search.php and the (2) id parameter to down.php.
Rmsoft Downloads Plus Module 1.5
Rmsoft Downloads Plus Module 1.7
2 EDB exploits
NA
CVE-2005-0670
Cross-site scripting (XSS) vulnerability in phpCOIN 1.2.0 up to and including 1.2.1b allows remote malicious users to inject arbitrary web script or HTML via (1) the new parameter to mod.php, (2) the w parameter to mod.php, (3) the e parameter to login.php, (4) the o parameter to...
Coinsoft Technologies Phpcoin 1.2.1b
Coinsoft Technologies Phpcoin 1.2
Coinsoft Technologies Phpcoin 1.2.1
2 EDB exploits
NA
CVE-2005-3152
Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.3 allow remote malicious users to inject arbitrary web script or HTML via the redir parameter to (1) cart.php or (2) index.php, or (3) the searchStr parameter in a viewCat action to index.php. Note: vectors (1) a...
Devellion Cubecart 3.0.3
Devellion Cubecart 3.0.7-pl1
2 EDB exploits
NA
CVE-2007-4079
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft SMS Text Messaging Enterprise allow remote malicious users to inject arbitrary web script or HTML via the (1) domain or (2) q parameter to (a) admin/membersearch.php, or (3) the userid parameter to (b) admin/editus...
Alstrasoft Sms Text Messaging Enterprise
2 EDB exploits
NA
CVE-2007-4081
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Affiliate Network Pro allow remote malicious users to inject arbitrary web script or HTML via vectors in (a) merchants/index.php, including the (1) id or (2) msg parameter in a programedit action; the (3) pgmid par...
Alstrasoft Affiliate Network Pro 8.0
2 EDB exploits
NA
CVE-2007-4089
Vikingboard 0.1.2 allows remote malicious users to obtain sensitive information via the debug parameter to (1) forum.php, (2) cp.php, and possibly other unspecified components.
Vikingboard Vikingboard 0.1.2
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »