Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
portcullis-security.com vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-5076
Multiple cross-site scripting (XSS) vulnerabilities in X2Engine X2CRM prior to 5.0.9 allow remote malicious users to inject arbitrary web script or HTML via the (1) version parameter in protected/views/admin/formEditor.php; the (2) importId parameter in protected/views/admin/roll...
X2engine X2crm
NA
CVE-2013-6216
Unspecified vulnerability in HP Array Configuration Utility, Array Diagnostics Utility, ProLiant Array Diagnostics, and SmartSSD Wear Gauge Utility 9.40 and previous versions allows local users to gain privileges via unknown vectors.
Hp Array Configuration Utility
Hp Array Diagnostics Utility
Hp Proliant Array Diagnostics
Hp Smartssd Wear Gauge Utility
NA
CVE-2014-5370
Directory traversal vulnerability in the CFChart servlet (com.naryx.tagfusion.cfm.cfchartServlet) in New Atlanta BlueDragon prior to 7.1.1.18527 allows remote malicious users to read or possibly delete arbitrary files via a .. (dot dot) in the QUERY_STRING to cfchart.cfchart.
New Atlanta Bluedragon
1 EDB exploit
NA
CVE-2014-5462
Multiple SQL injection vulnerabilities in OpenEMR 4.1.2 (Patch 7) and previous versions allow remote authenticated users to execute arbitrary SQL commands via the (1) layout_id parameter to interface/super/edit_layout.php; (2) form_patient_id, (3) form_drug_name, or (4) form_lot_...
Open-emr Openemr
1 EDB exploit
NA
CVE-2014-7177
XML External Entity vulnerability in Enalean Tuleap 7.2 and previous versions allows remote authenticated users to read arbitrary files via a crafted xml document in a create action to plugins/tracker/.
Enalean Tuleap
1 EDB exploit
NA
CVE-2014-7178
Enalean Tuleap prior to 7.5.99.6 allows remote malicious users to execute arbitrary commands via the User-Agent header, which is provided to the passthru PHP function.
Enalean Tuleap
1 EDB exploit
6.1
CVSSv3
CVE-2014-2045
Multiple cross-site scripting (XSS) vulnerabilities in the old and new interfaces in Viprinet Multichannel VPN Router 300 allow remote malicious users to inject arbitrary web script or HTML via the username when (1) logging in or (2) creating an account in the old interface, (3) ...
Viprinet Multichannel Vpn Router 300 Firmware 2013080900
Viprinet Multichannel Vpn Router 300 Firmware 2013070830
1 EDB exploit
NA
CVE-2014-3977
libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.
Ibm Vios 2.2.1.8
Ibm Vios 2.2.2.4
Ibm Vios 2.2.1.1
Ibm Vios 2.2.1.3
Ibm Vios 2.2.3.3
Ibm Aix 7.1
Ibm Vios 2.2.3.2
Ibm Vios 2.2.0.10
Ibm Vios 2.2.1.4
Ibm Aix 6.1
Ibm Vios 2.2.0.13
Ibm Vios 2.2.1.0
Ibm Vios 2.2.2.5
Ibm Vios 2.2.3.0
Ibm Vios 2.2.0.11
Ibm Vios 2.2.0.12
Ibm Vios 2.2.1.9
Ibm Vios 2.2.2.0
1 EDB exploit
NA
CVE-2015-5075
Cross-site request forgery (CSRF) vulnerability in X2Engine X2CRM prior to 5.2 allows remote malicious users to hijack the authentication of administrators for requests that create an administrative account via a crafted request to index.php/users/create.
X2engine X2crm
1 EDB exploit
NA
CVE-2012-2179
libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
Ibm Aix 5.3
Ibm Aix 6.1
Ibm Aix 7.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »