Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
interspire vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4957
Directory traversal vulnerability in loadpanel.php in Interspire ActiveKB allows remote malicious users to read arbitrary files and possibly have unspecified other impact via directory traversal sequences in the Panel parameter.
Interspire Activekb
1 EDB exploit
NA
CVE-2005-1482
ArticleLive 2005 allows remote malicious users to gain privileges by modifying the (1) auth and (2) userId fields in a cookie.
Interspire Articlelive 2005
9.8
CVSSv3
CVE-2017-14322
The function in charge to check whether the user is already logged in init.php in Interspire Email Marketer (IEM) before 6.1.6 allows remote malicious users to bypass authentication and obtain administrative access by using the IEM_CookieLogin cookie with a specially crafted valu...
Interspire Email Marketer
1 EDB exploit
1 Github repository
NA
CVE-2007-5425
SQL injection vulnerability in admin/index.php in Interspire ActiveKB 1.5 allows remote malicious users to execute arbitrary SQL commands via the questId parameter in a hideQuestion ToDo action. NOTE: the catId vector is already covered by CVE-2007-5131.
Interspire Activekb 1.5
8.8
CVSSv3
CVE-2022-40777
Interspire Email Marketer up to and including 6.5.0 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a /admin/temp/surveys/ URI. NOTE: this issue exists because of an in...
Interspire Email Marketer
NA
CVE-2005-1483
Multiple cross-site scripting (XSS) vulnerabilities in ArticleLive 2005 allow remote malicious users to inject arbitrary web script or HTML via the (1) Query, (2) Username, (3) LastName, (4) Biography, or (5) BlogId parameter.
Interspire Articlelive 2005
7.5
CVSSv3
CVE-2022-44790
Interspire Email Marketer up to and including 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists.
Interspire Email Marketer
8.8
CVSSv3
CVE-2018-19549
Interspire Email Marketer up to and including 6.1.6 has SQL Injection via a tagids Delete action to Dynamiccontenttags.php.
Interspire Email Marketer
NA
CVE-2005-0881
Cross-site scripting (XSS) vulnerability in articles.newcomment for Interspire ArticleLive 2005 allows remote malicious users to inject arbitrary web script or HTML via the Articleld parameter.
Interspire Articlelive 2005
1 EDB exploit
NA
CVE-2006-0210
Cross-site scripting (XSS) vulnerability in index.php in Interspire TrackPoint NX prior to 0.1 allows remote malicious users to inject arbitrary web script or HTML via the username parameter when using the Login page.
Interspire Trackpoint Nx
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »