Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aria-security team vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1974
Cross-site scripting (XSS) vulnerability in addevent.php in Horde Kronolith 2.1.7, Groupware Webmail Edition 1.0.6, and Groupware 1.0.5 allows remote malicious users to inject arbitrary web script or HTML via the url parameter.
Horde Groupware 1.0.5
Horde Groupware Webmail Edition 1.0.6
1 EDB exploit
NA
CVE-2008-5766
SQL injection vulnerability in download.php in Farsi Script Faupload allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Fascript Faupload Nil
1 EDB exploit
NA
CVE-2006-6936
Cross-site scripting (XSS) vulnerability in Xtreme ASP Photo Gallery allows remote malicious users to inject arbitrary HTML or web script via (1) the catname parameter to displaypic.asp or (2) the search field. NOTE: vector 1 likely overlaps CVE-2006-3032.
Pensacola Web Designs Xtremeasp Photogallery 2.0
1 EDB exploit
NA
CVE-2006-6937
SQL injection vulnerability in displaypic.asp in Xtreme ASP Photo Gallery allows remote malicious users to inject arbitrary SQL commands via the sortorder parameter.
Pensacola Web Designs Xtremeasp Photogallery 2.0
1 EDB exploit
NA
CVE-2007-3987
SQL injection vulnerability in SearchResults.asp in ImageRacer 1.0, when WordSearchCrit is enabled, allows remote malicious users to execute arbitrary SQL commands via the SearchWord parameter.
Junction Quest Image Racer 1.0
1 EDB exploit
NA
CVE-2007-4022
Cross-site scripting (XSS) vulnerability in frontend/x/htaccess/changepro.html in cPanel 10.9.1 allows remote malicious users to inject arbitrary web script or HTML via the resname parameter.
Cpanel Cpanel 10.9.1
1 EDB exploit
NA
CVE-2006-6523
Cross-site scripting (XSS) vulnerability in mail/manage.html in BoxTrapper in cPanel 11 allows remote malicious users to inject arbitrary web script or HTML via the account parameter.
Cpanel Cpanel 11
1 EDB exploit
NA
CVE-2006-7118
SQL injection vulnerability in index.asp in DMXReady Site Engine Manager 1.0 allows remote malicious users to execute arbitrary SQL commands via the mid parameter.
Dmxready Site Engine Manager 1.0
1 EDB exploit
NA
CVE-2007-6217
Multiple SQL injection vulnerabilities in login.asp in Irola My-Time (aka Timesheet) 3.5 allow remote malicious users to execute arbitrary SQL commands via the (1) login (aka Username) and (2) password parameters. NOTE: some of these details are obtained from third party informat...
Irola My-time 3.5
1 EDB exploit
NA
CVE-2007-0399
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Simple Machines Forum (SMF) 1.1 RC3 allow remote authenticated users to inject arbitrary web script or HTML via the (1) recipient or (2) BCC field when selecting send in a pm action.
Simple Machines Simple Machines Forum 1.1 Rc3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »