Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
don vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-45364
Cross-Site Request Forgery (CSRF) vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload – Contact Form 7 plugin <= 1.3.6.5 versions.
Codedropz Drag And Drop Multiple File Upload - Contact Form 7
6.5
CVSSv2
CVE-2022-29419
SQL Injection (SQLi) vulnerability in Don Crowther's 3xSocializer plugin <= 0.98.22 at WordPress possible for users with a low role like a subscriber or higher.
3xsocializer Project 3xsocializer
NA
CVE-2022-45377
Unrestricted Upload of File with Dangerous Type vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload for WooCommerce.This issue affects Drag and Drop Multiple File Upload for WooCommerce: from n/a up to and including 1.0.8.
Codedropz Drag And Drop Multiple File Upload For Woocommerce
3.5
CVSSv2
CVE-2017-9838
Dolibarr ERP/CRM is affected by multiple reflected Cross-Site Scripting (XSS) vulnerabilities in versions prior to 5.0.4: index.php (leftmenu parameter), core/ajax/box.php (PATH_INFO), product/stats/card.php (type parameter), holiday/list.php (month_create, month_start, and month...
Dolibarr Dolibarr Erp/crm
NA
CVE-2022-42909
WEPA Print Away does not verify that a user has authorization to access documents before generating print orders and associated release codes. This could allow an malicious user to generate print orders and release codes for documents they don´t own and print hem without au...
Wepanow Print Away -
4.3
CVSSv2
CVE-2007-5145
Multiple buffer overflows in system DLL files in Microsoft Windows XP, as used by Microsoft Windows Explorer (explorer.exe) 6.00.2900.2180, Don Ho Notepad++, unspecified Adobe Macromedia applications, and other programs, allow user-assisted remote malicious users to cause a denia...
Microsoft Windows Xp -
2.1
CVSSv2
CVE-2007-5373
ldapscripts 1.4 and 1.7 sends a password as a command line argument when calling some LDAP programs, which might allow local users to read the password by listing the process and its arguments, as demonstrated by a call to ldappasswd in the _changepassword function.
Ldapscripts Ldapscripts 1.7
Ldapscripts Ldapscripts 1.4
6.8
CVSSv2
CVE-2014-4607
Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 prior to 2.07 on 32-bit platforms might allow remote malicious users to execute arbitrary code via a crafted Literal Run.
Oberhumer Lzo2
Oberhumer Liblzo2
7.5
CVSSv2
CVE-2007-4653
SQL injection vulnerability in links.php in the Links MOD 1.2.2 and previous versions for phpBB 2.0.22 and previous versions allows remote malicious users to execute arbitrary SQL commands via the start parameter in a search action.
Phpbb Phpbb
1 EDB exploit
7.5
CVSSv2
CVE-2008-0832
SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and previous versions component for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the surano parameter in a viewayat action.
Mambo Kemas Antonius Com Quran
Joomla Kemas Antonius Com Quran
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »