Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alexander klink vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2008-1237
Multiple unspecified vulnerabilities in Mozilla Firefox prior to 2.0.0.13, Thunderbird prior to 2.0.0.13, and SeaMonkey prior to 1.1.9 allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the JavaScri...
Mozilla Thunderbird
Mozilla Firefox
Mozilla Seamonkey
828
VMScore
CVE-2007-5338
Mozilla Firefox prior to 2.0.0.8 and SeaMonkey prior to 1.1.5 allow remote malicious users to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed.
Mozilla Firefox
Mozilla Seamonkey
828
VMScore
CVE-2007-3738
Multiple unspecified vulnerabilities in Mozilla Firefox prior to 2.0.0.5 allow remote malicious users to execute arbitrary code via a crafted XPCNativeWrapper.
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.1
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0.0.3
Mozilla Firefox 2.0.0.4
760
VMScore
CVE-2007-1363
Multiple SQL injection vulnerabilities in DropAFew prior to 0.2.1 allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter in the delete action in (a) search.php or (b) search-pda.php, or the (2) calories parameter in a save action in editlogcal.php...
Dropafew Dropafew
2 EDB exploits
645
VMScore
CVE-2007-1364
DropAFew prior to 0.2.1 does not require authorization for certain privileged actions, which allows remote malicious users to (1) view the logged calorie information of arbitrary users via the id parameter in editlogcal.php, (2) add arbitrary links via links.php, or (3) create ar...
Dropafew Dropafew
1 EDB exploit
435
VMScore
CVE-2008-7017
Cross-site scripting (XSS) vulnerability in analyse.php in CAcert 20080921, and possibly other versions prior to 20080928, allows remote malicious users to inject arbitrary web script or HTML via the CN (CommonName) field in the subject of an X.509 certificate.
Cacert Cacert 20080921
1 EDB exploit
605
VMScore
CVE-2009-3580
Cross-site request forgery (CSRF) vulnerability in am.pl in SQL-Ledger 2.8.24 allows remote malicious users to hijack the authentication of arbitrary users for requests that change a password via the login, new_password, and confirm_password parameters in a preferences action.
Sql-ledger Sql-ledger 2.8.24
312
VMScore
CVE-2009-3581
Multiple cross-site scripting (XSS) vulnerabilities in SQL-Ledger 2.8.24 allow remote authenticated users to inject arbitrary web script or HTML via (1) the DCN Description field in the Accounts Receivables menu item for Add Transaction, (2) the Description field in the Accounts ...
Sql-ledger Sql-ledger 2.8.24
445
VMScore
CVE-2009-3584
SQL-Ledger 2.8.24 does not set the secure flag for the session cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission within an http session.
Sql-ledger Sql-ledger 2.8.24
685
VMScore
CVE-2006-2109
Cross-site scripting (XSS) vulnerability in the parse_query_str function in include/print.php in JSBoard 2.0.10 and 2.0.11, and possibly other versions prior to 2.0.12, allows remote malicious users to inject arbitrary web script or HTML via parameters that are set as global vari...
Jsboard Jsboard 2.0.10
Jsboard Jsboard 2.0.7
Jsboard Jsboard 2.0.8
Jsboard Jsboard 2.0.9
Jsboard Jsboard
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »