Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
omar kurt vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-7391
Multiple cross-site scripting (XSS) vulnerabilities in TestLink prior to 1.9.14 allow remote malicious users to inject arbitrary web script or HTML via the (1) selected_end_date or (2) selected_start_date parameter to lib/results/tcCreatedPerUserOnTestProject.php; the (3) contain...
Testlink Testlink
5
CVSSv2
CVE-2014-6308
Directory traversal vulnerability in OSClass prior to 3.4.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter in a render action to oc-admin/index.php.
Osclass Osclass
Osclass Osclass 3.4.0
1 EDB exploit
4.3
CVSSv2
CVE-2015-3429
Cross-site scripting (XSS) vulnerability in example.html in Genericons prior to 3.3.1, as used in WordPress prior to 4.2.2, allows remote malicious users to inject arbitrary web script or HTML via a fragment identifier.
Automattic Genericons
Debian Debian Linux 8.0
1 Github repository
4.3
CVSSv2
CVE-2014-9120
Cross-site scripting (XSS) vulnerability in Subrion CMS prior to 3.2.3 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to subrion/search/.
Intelliants Subrion
4.3
CVSSv2
CVE-2015-1384
Cross-site scripting (XSS) vulnerability in the Banner Effect Header plugin prior to 1.2.8 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the banner_effect_divid parameter in the BannerEffectOptions page to wp-admin/options-general.php.
Banner Effect Header Project Banner Effect Header
4.3
CVSSv2
CVE-2015-2250
Multiple cross-site scripting (XSS) vulnerabilities in concrete5 prior to 5.7.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) banned_word[] parameter to index.php/dashboard/system/conversations/bannedwords/success, (2) channel parameter to index....
Concrete5 Concrete5
4.3
CVSSv2
CVE-2015-1385
Cross-site scripting (XSS) vulnerability in the Blubrry PowerPress Podcasting plugin prior to 6.0.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the cat parameter in a powerpress-editcategoryfeed action in the powerpressadmin_categoryfeed...
Blubrry Powerpress
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2