Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-2989
Cross-site request forgery (CSRF) vulnerability in Open Assessment Technologies TAO 2.5.6 allows remote malicious users to hijack the authentication of administrators for requests that create administrative accounts via a request to Users/add.
Open Assessment Technologies Tao 2.5.6
1 EDB exploit
NA
CVE-2012-1470
Multiple cross-site scripting (XSS) vulnerabilities in code_editor.php in ocPortal prior to 7.1.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) path or (2) line parameters.
Ocportal Ocportal 7.0
Ocportal Ocportal 6.2
Ocportal Ocportal 6.1.1
Ocportal Ocportal 6.1
Ocportal Ocportal 7.1.1
Ocportal Ocportal 7.1
Ocportal Ocportal 6.0.2
Ocportal Ocportal 6.0
Ocportal Ocportal 5.0.3
Ocportal Ocportal 5.0.2
Ocportal Ocportal 4.3.1
Ocportal Ocportal 4.3
Ocportal Ocportal 4.2
Ocportal Ocportal 4.1.3
Ocportal Ocportal 4.1.9
Ocportal Ocportal 4.1.6
Ocportal Ocportal 4.1.4
Ocportal Ocportal 4.0.4
Ocportal Ocportal 5.0.1
Ocportal Ocportal 5.0
Ocportal Ocportal 4.3.2
Ocportal Ocportal 4.1.13
1 EDB exploit
NA
CVE-2012-1664
Multiple cross-site scripting (XSS) vulnerabilities in the admin panel in osCMax prior to 2.5.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) username parameter in a process action to admin/login.php; (2) pageTitle, (3) current_product_id, or (4)...
Oscmax Oscmax
9 EDB exploits
NA
CVE-2011-5214
Multiple cross-site scripting (XSS) vulnerabilities in BrowserCRM 5.100.01 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) modules/admin/admin_module_index.php, or (3) modules/calendar/customise_cal...
Browsercrm Browsercrm 4.999.20
Browsercrm Browsercrm 4.691.01
Browsercrm Browsercrm 4.622.00
Browsercrm Browsercrm 4.620.01
Browsercrm Browsercrm 4.612.00
Browsercrm Browsercrm 4.611.01
Browsercrm Browsercrm
Browsercrm Browsercrm 5.100.00
Browsercrm Browsercrm 4.624.90
Browsercrm Browsercrm 4.624.80
Browsercrm Browsercrm 4.619.00
Browsercrm Browsercrm 4.617.00
Browsercrm Browsercrm 4.610.00
Browsercrm Browsercrm 4.607.00
Browsercrm Browsercrm 5.002.00
Browsercrm Browsercrm 5.001.00
Browsercrm Browsercrm 4.624.70
Browsercrm Browsercrm 4.624.60
Browsercrm Browsercrm 4.616.00
Browsercrm Browsercrm 4.615.11
Browsercrm Browsercrm 4.605.00
Browsercrm Browsercrm 4.604.01
4 EDB exploits
NA
CVE-2012-0991
Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the formname parameter to (1) contrib/acog/print_form.php; or (2) load_form.php, (3) view_form.php, or (4) trend_form.php in interface/pati...
Openemr Openemr 4.1.0
3 EDB exploits
NA
CVE-2011-4802
Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sortfield, (2) sortorder, and (3) sall parameters to user/index.php and (b) user/group/index.php; the id parameter to (4...
Dolibarr Dolibarr Erp\\/crm 2.9.0
Dolibarr Dolibarr Erp\\/crm 2.8.1
Dolibarr Dolibarr Erp\\/crm
Dolibarr Dolibarr Erp\\/crm 2.6.0
Dolibarr Dolibarr Erp\\/crm 3.0.0
Dolibarr Dolibarr Erp\\/crm 2.7.1
Dolibarr Dolibarr Erp\\/crm 2.6.1
Dolibarr Dolibarr Erp\\/crm 2.5.0
Dolibarr Dolibarr Erp\\/crm 2.7.0
Dolibarr Dolibarr Erp\\/crm 2.8.0
Dolibarr Dolibarr Erp\\/crm 3.0.1
3 EDB exploits
NA
CVE-2012-1507
Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM prior to 2.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) newHspStatus parameter to plugins/ajaxCalls/haltResumeHsp.php, (2) sortOrder1 parameter to templates/hrfunct/emppop.php, o...
Orangehrm Orangehrm 2.6.0
Orangehrm Orangehrm 2.6.0.1
Orangehrm Orangehrm
Orangehrm Orangehrm 2.6.2
Orangehrm Orangehrm 2.6.9
Orangehrm Orangehrm 2.6
Orangehrm Orangehrm 2.6.11.3
Orangehrm Orangehrm 2.6.12
Orangehrm Orangehrm 2.6.7
Orangehrm Orangehrm 2.6.8
Orangehrm Orangehrm 2.6.8.1
Orangehrm Orangehrm 2.6.11
Orangehrm Orangehrm 2.6.11.2
Orangehrm Orangehrm 2.6.5
Orangehrm Orangehrm 2.6.6
Orangehrm Orangehrm 2.6.1
Orangehrm Orangehrm 2.6.10
Orangehrm Orangehrm 2.6.3
Orangehrm Orangehrm 2.6.4
3 EDB exploits
NA
CVE-2013-4900
Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote malicious users to read arbitrary files via a ..%5c (dot dot encoded backslash) in a GET request.
Twilightcms Twilight Cms 5.17
2 EDB exploits
NA
CVE-2012-1835
Multiple cross-site scripting (XSS) vulnerabilities in the All-in-One Event Calendar plugin 1.4 and 1.5 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) title parameter to app/view/agenda-widget-form.php; (2) args, (3) title, (4) befor...
Timely All-in-one Event Calendar 1.5
Timely All-in-one Event Calendar 1.4
4 EDB exploits
NA
CVE-2012-1039
Multiple cross-site scripting (XSS) vulnerabilities in Dotclear prior to 2.4.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) login_data parameter to admin/auth.php; (2) nb parameter to admin/blogs.php; (3) type, (4) sortby, (5) order, or (6) stat...
Dotclear Dotclear 1.2.8
Dotclear Dotclear 1.2.7
Dotclear Dotclear 2.0
Dotclear Dotclear 1.2.2
Dotclear Dotclear 1.2.5
Dotclear Dotclear 2.2.1
Dotclear Dotclear 2.3.0
Dotclear Dotclear 2.0.1
Dotclear Dotclear 2.0.2
Dotclear Dotclear 1.2.6
Dotclear Dotclear 1.2.3
Dotclear Dotclear 2.1.3
Dotclear Dotclear 2.1.7
Dotclear Dotclear 1.2.4
Dotclear Dotclear 2.2.2
Dotclear Dotclear 2.2
Dotclear Dotclear 2.1.5
Dotclear Dotclear 2.1.1
Dotclear Dotclear 2.1
Dotclear Dotclear 1.2.1
Dotclear Dotclear 2.1.4
Dotclear Dotclear 2.2.3
4 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »