Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
claudio viviani vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2014-8739
Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form (formerly Sexy Contact Form) prior to 1.0.0 for WordPress and prior to 2.0.1 for Joomla!, allows remot...
Creative-solutions Creative Contact Form
Jquery File Upload Project Jquery File Upload 6.4.4
2 EDB exploits
1 Github repository
NA
CVE-2014-2913
Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and previous versions allows remote malicious users to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed by multiple par...
Opensuse Opensuse 12.3
Opensuse Opensuse 11.4
Nagios Remote Plugin Executor
Opensuse Opensuse 13.1
2 EDB exploits
NA
CVE-2014-3704
The expandArguments function in the database abstraction API in Drupal core 7.x prior to 7.32 does not properly construct prepared statements, which allows remote malicious users to conduct SQL injection attacks via an array containing crafted keys.
Drupal Drupal
Debian Debian Linux 7.0
4 EDB exploits
2 Nmap scripts
5 Github repositories
2 Articles
8.8
CVSSv3
CVE-2014-9013
The ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin 2.4.0 for WordPress allows remote authenticated users to create arbitrary users and gain admin privileges via a request to wpmp_pp_ajax_call with an execution target of wp_insert_user.
Wpmarketplace Project Wpmarketplace 2.4.0
2 EDB exploits
4.3
CVSSv3
CVE-2014-9014
Directory traversal vulnerability in the ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin prior to 2.4.1 for WordPress allows remote authenticated users to download arbitrary files via a .. (dot dot) in the file parameter.
Wpmarketplace Project Wpmarketplace 2.4.0
2 EDB exploits
NA
CVE-2014-9734
Directory traversal vulnerability in the Slider Revolution (revslider) plugin prior to 4.2 for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php.
Themepunch Slider Revolution
2 EDB exploits
NA
CVE-2015-1579
Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate ...
Elegant Themes Divi -
2 EDB exploits
4 Github repositories
NA
CVE-2014-5460
Unrestricted file upload vulnerability in the Tribulant Slideshow Gallery plugin prior to 1.4.7 for WordPress allows remote authenticated users to execute arbitrary code by uploading a PHP file, then accessing it via a direct request to the file in wp-content/uploads/slideshow-ga...
Tribulant Tibulant Slideshow Gallery 1.4.4
Tribulant Tibulant Slideshow Gallery 1.4.5
Tribulant Tibulant Slideshow Gallery
Tribulant Tibulant Slideshow Gallery 1.4.2
Tribulant Tibulant Slideshow Gallery 1.4.3
Tribulant Tibulant Slideshow Gallery 1.4
Tribulant Tibulant Slideshow Gallery 1.4.1
2 EDB exploits
9.8
CVSSv3
CVE-2018-9206
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
Jquery File Upload Project Jquery File Upload
3 EDB exploits
6 Github repositories
NA
CVE-2014-3659
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-7169. Reason: This candidate is a reservation duplicate of CVE-2014-7169 because the CNA for this ID did not follow multiple procedures that are intended to minimize duplicate CVE assignments. Notes: All CVE ...
14 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »