Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-6824
The management interface on the A-LINK WL54AP3 and WL54AP2 access points has a blank default password for the admin account, which makes it easier for remote malicious users to obtain access.
A-link Wl54ap3
A-link Wl54ap2
1 EDB exploit
7.5
CVSSv2
CVE-2007-2933
SQL injection vulnerability in index.php in the Phil-a-Form (com_philaform) 1.2.0.0 and previous versions component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the form_id parameter.
Phil-a-form Phil-a-form 1.2.0.0
1 EDB exploit
7.8
CVSSv2
CVE-2012-3252
Unspecified vulnerability in HP Serviceguard A.11.19 and A.11.20 allows remote malicious users to cause a denial of service via unknown vectors.
Hp Serviceguard A.11.19
Hp Serviceguard A.11.20
NA
CVE-2022-39039
aEnrich’s a+HRD has inadequate filtering for specific URL parameter. An unauthenticated remote attacker can exploit this vulnerability to send arbitrary HTTP(s) request to launch Server-Side Request Forgery (SSRF) attack, to perform arbitrary system command or disrupt servi...
Aenrich A\\+hrd 6.8
Aenrich A\\+hrd 7.0
NA
CVE-2022-39040
aEnrich a+HRD log read function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files.
Aenrich A\\+hrd 6.8
Aenrich A\\+hrd 7.0
NA
CVE-2022-39041
aEnrich a+HRD has insufficient user input validation for specific API parameter. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify and delete database.
Aenrich A\\+hrd 6.8
Aenrich A\\+hrd 7.0
NA
CVE-2022-39042
aEnrich a+HRD has improper validation for login function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access API function to perform arbitrary system command or disrupt service.
Aenrich A\\+hrd 6.8
Aenrich A\\+hrd 7.0
4.3
CVSSv2
CVE-2011-4274
Cross-site scripting (XSS) vulnerability in the A-Form PC and PC/Mobile prior to 3.1 plug-ins for Movable Type allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-2676.
Ark-web A-form Pc
Ark-web A-form Pc Mobile
6.8
CVSSv2
CVE-2011-3164
Unspecified vulnerability in HP-UX Containers (formerly HP-UX Secure Resource Partitions (SRP)) A.03.00, A.03.00.002, and A.03.01, when running with patch PHKL_42310, allows local users to gain privileges via unknown vectors.
Hp Hp-ux Containers A.03.00
Hp Hp-ux Containers A.03.01
Hp Hp-ux Containers A.03.00.002
4
CVSSv2
CVE-2022-23810
Template injection (Improper Neutralization of Special Elements Used in a Template Engine) vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series ...
Appleple A-blog Cms
Appleple A-blog Cms 3.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »