Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
click project click - vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2019-1010307
GLPI GLPI Product 9.3.1 is affected by: Cross Site Scripting (XSS). The impact is: All dropdown values are vulnerable to XSS leading to privilege escalation and executing js on admin. The component is: /glpi/ajax/getDropDownValue.php. The attack vector is: 1- User Create a ticket...
Glpi-project Glpi 9.3.1
9.8
CVSSv3
CVE-2014-3114
The EZPZ One Click Backup (ezpz-one-click-backup) plugin 12.03.10 and previous versions for WordPress allows remote malicious users to execute arbitrary commands via the cmd parameter to functions/ezpz-archive-cmd.php.
Ezpz-one-click-backup Project Ezpz-one-click-backup
6.1
CVSSv3
CVE-2018-1000088
Doorkeeper version 2.1.0 up to and including 4.2.5 contains a Cross Site Scripting (XSS) vulnerability in web view's OAuth app form, user authorization prompt web view that can result in Stored XSS on the OAuth Client's name will cause users interacting with it will exe...
Doorkeeper Project Doorkeeper
6.1
CVSSv3
CVE-2015-3998
Cross-site scripting (XSS) vulnerability in phpwhois 4.2.5, as used in the adsense-click-fraud-monitoring plugin 1.7.5 for WordPress, allows remote malicious users to inject arbitrary web script or HTML via the query parameter to whois.php.
Clickfraud-monitoring Adsense-click-fraud-monitoring 1.7.5
Phpwhois Project Phpwhois 4.2.5
8.6
CVSSv3
CVE-2016-6368
A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition due to the Snort process unexpectedly resta...
Cisco Firepower Management Center 6.0.0.0
Cisco Firepower Management Center 6.0.0
Cisco Firepower Management Center 6.0.0.1
Cisco Firepower Management Center 6.0.1
9.8
CVSSv3
CVE-2015-8768
click/install.py in click does not require files in package filesystem tarballs to start with ./ (dot slash), which allows remote malicious users to install an alternate security policy and gain privileges via a crafted package, as demonstrated by the test.mmrow app for Ubuntu ph...
Click Project Click -
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
NA
CVE-2014-6294
Cross-site scripting (XSS) vulnerability in the External links click statistics (outstats) extension 0.0.3 and previous versions for TYPO3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
External Links Click Statistics Project External Links Click Statistics
NA
CVE-2013-1493
The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and previous versions, 6 Update 41 and previous versions, and 5.0 Update 40 and previous versions allows remote malicious users to execute arbitrary code or cause a denial of service (crash...
Oracle Jre 1.7.0
Oracle Jre
Sun Jre 1.5.0
Oracle Jre 1.5.0
Sun Jdk 1.6.0
Oracle Jdk 1.6.0
Oracle Jdk
Sun Jre 1.6.0
Oracle Jre 1.6.0
Sun Jdk 1.5.0
Oracle Jdk 1.5.0
Oracle Jdk 1.7.0
1 EDB exploit
3 Articles
NA
CVE-2008-5500
The layout engine in Mozilla Firefox 3.x prior to 3.0.5 and 2.x prior to 2.0.0.19, Thunderbird 2.x prior to 2.0.0.19, and SeaMonkey 1.x prior to 1.1.14 allows remote malicious users to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to...
Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
Debian Debian Linux 5.0
NA
CVE-2008-5503
The loadBindingDocument function in Mozilla Firefox 2.x prior to 2.0.0.19, Thunderbird 2.x prior to 2.0.0.19, and SeaMonkey 1.x prior to 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote malicious users to read or access data from ...
Mozilla Firefox 2.0.0.15
Mozilla Firefox 2.0.0.14
Mozilla Firefox 2.0.0.7
Mozilla Firefox 2.0.0.6
Mozilla Firefox 2.0.0.5
Mozilla Thunderbird 2.0.0.12
Mozilla Thunderbird 2.0.0.9
Mozilla Seamonkey 1.0.2
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.1
Mozilla Seamonkey 1.1.8
Mozilla Seamonkey 1.1.9
Mozilla Thunderbird 2.0.0.16
Mozilla Thunderbird 2.0.0.17
Mozilla Firefox 2.0.0.11
Mozilla Firefox 2.0.0.10
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0.0.1
Mozilla Thunderbird 2.0.0.4
Mozilla Thunderbird 2.0.0.0
Mozilla Seamonkey 1.0.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »