Vulmon
application framework vulnerabilities and exploits
NA
CVE-2023-29111
The SAP AIF (ODATA service) - versions 755, 756, discloses more detailed information than is required. An authorized attacker can use the collected information possibly to exploit the component. As a result, an attacker can cause a low impact on the confidentiality of the applica...
Sap Application Interface Framework 756
Sap Application Interface Framework 755
4.3
CVSSv2
CVE-2009-3237
Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.2 prior to 3.2.5 and 3.3 prior to 3.3.5; Groupware 1.1 prior to 1.1.6 and 1.2 prior to 1.2.4; and Groupware Webmail Edition 1.1 prior to 1.1.6 and 1.2 prior to 1.2.4; allow remote malicious users...
Horde Horde Application Framework 3.2
Horde Horde Application Framework 3.3.2
Horde Horde Application Framework 3.3.3
Horde Horde Groupware 1.2.1
Horde Horde Groupware 1.2.2
Horde Horde Application Framework 3.2.1
Horde Horde Application Framework 3.2.2
Horde Horde Application Framework 3.3.4
Horde Horde Groupware 1.1.1
Horde Horde Groupware 1.2.3
Horde Horde Application Framework 3.3
Horde Horde Application Framework 3.3.1
Horde Horde Groupware 1.1.4
Horde Horde Groupware 1.2
Horde Horde Application Framework 3.2.3
Horde Horde Application Framework 3.2.4
Horde Horde Groupware 1.1.2
Horde Horde Groupware 1.1.3
Horde Horde Groupware 1.1.5
Horde Groupware 1.1
Horde Groupware 1.1.3
Horde Groupware 1.2.3
5.8
CVSSv2
CVE-2011-4314
message/ax/AxMessage.java in OpenID4Java prior to 0.9.6 final, as used in JBoss Enterprise Application Platform 5.1 prior to 5.1.2, Step2, Kay Framework prior to 1.0.2, and possibly other products does not verify that Attribute Exchange (AX) information is signed, which allows re...
Redhat Jboss Enterprise Application Platform 5.1.0
Redhat Jboss Enterprise Application Platform 5.1.1
Kay Framework Project Kay Framework 0.1.0
Kay Framework Project Kay Framework 0.0.0
Openid Openid4java 0.9.3
Openid Openid4java 0.9.2
Kay Framework Project Kay Framework 0.3.0
Kay Framework Project Kay Framework 0.2.0
Redhat Jboss Enterprise Application Platform 5.1.2
Kay Framework Project Kay Framework
Openid Openid4java
Openid Openid4java 0.9.4.339
Kay Framework Project Kay Framework 1.0.0
Kay Framework Project Kay Framework 0.8.0
3.5
CVSSv2
CVE-2019-2899
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: OAM). Supported versions that are affected are 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access vi...
Oracle Jdeveloper 11.1.2.4.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Jdeveloper 12.1.3.0.0
Oracle Jdeveloper 12.2.1.3.0
Oracle Application Development Framework 11.1.1.9.0
Oracle Application Development Framework 12.1.3.0.0
Oracle Application Development Framework 12.2.1.3.0
Oracle Application Development Framework 11.1.2.4.0
Oracle Peoplesoft Enterprise Scm Purchasing 9.2
Oracle Hyperion Financial Management 11.1.2.4
7.5
CVSSv2
CVE-2014-2293
Zikula Application Framework prior to 1.3.7 build 11 allows remote malicious users to conduct PHP object injection attacks and delete arbitrary files or execute arbitrary PHP code via crafted serialized data in the (1) authentication_method_ser or (2) authentication_info_ser para...
Zikula Zikula Application Framework
4.3
CVSSv2
CVE-2005-0961
Cross-site scripting (XSS) vulnerability in Horde 3.0.4 prior to 3.0.4-RC2 allows remote malicious users to inject arbitrary web script or HTML via the parent frame title.
Horde Application Framework 3.0.4 Rc1
6.8
CVSSv2
CVE-2010-1732
Cross-site request forgery (CSRF) vulnerability in the users module in Zikula Application Framework prior to 1.2.3 allows remote malicious users to hijack the authentication of administrators for requests that change the administrator email address (updateemail action).
Zikula Zikula Application Framework
NA
CVE-2024-21737
In SAP Application Interface Framework File Adapter - version 702, a high privilege user can use a function module to traverse through various layers and execute OS commands directly. By this, such user can control the behaviour of the application. This leads to considerable impa...
Sap Application Interface Framework 702
4.3
CVSSv2
CVE-2010-1724
Multiple cross-site scripting (XSS) vulnerabilities in Zikula Application Framework 1.2.2, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the (1) func parameter to index.php, or the (2) lang parameter to index.php, which is not prope...
Zikula Zikula Application Framework 1.2.2
2 EDB exploits
9
CVSSv2
CVE-2010-1572
Unspecified vulnerability in the tech support diagnostic shell in Cisco Application Extension Platform (AXP) 1.1 and 1.1.5 allows local users to obtain sensitive configuration information and gain administrator privileges via unspecified API calls.
Cisco Application Extension Framework 1.1
Cisco Application Extension Framework 1.1.5