Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
journal vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-24050
Cross Site Scripting (XSS) vulnerability in Sourcecodester Workout Journal App 1.0 allows malicious users to run arbitrary code via parameters firstname and lastname in /add-user.php.
NA
CVE-2012-14671
Open Journal Systems version 2.3.6 suffers from file manipulation, cross site scripting, and shell upload vulnerabilities.
NA
CVE-2012-14693
Open Journal Systems version 2.3.6 suffers from file manipulation, cross site scripting, and shell upload vulnerabilities.
7.5
CVSSv2
CVE-2006-5720
SQL injection vulnerability in modules/journal/search.php in the Journal module in Francisco Burzi PHP-Nuke 7.9 and previous versions allows remote malicious users to execute arbitrary SQL commands via the forwhat parameter.
Francisco Burzi Php-nuke 7.7
Francisco Burzi Php-nuke 7.8
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.4
Francisco Burzi Php-nuke 7.5
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke
1 EDB exploit
6.8
CVSSv2
CVE-2011-5195
Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Conference Systems 2.3.4 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that upload a PHP file.
Public Knowledge Project Open Conference Systems 2.0
Public Knowledge Project Open Conference Systems 1.1.7
Public Knowledge Project Open Conference Systems 1.1.6
Public Knowledge Project Open Conference Systems 1.1.5
Public Knowledge Project Open Conference Systems 2.3.1
Public Knowledge Project Open Conference Systems 2.3
Public Knowledge Project Open Conference Systems 2.1.2-1
Public Knowledge Project Open Conference Systems 2.1.2
Public Knowledge Project Open Conference Systems 2.1.1.-2
Public Knowledge Project Open Conference Systems 1.1
Public Knowledge Project Open Conference Systems 1.0
Public Knowledge Project Open Conference Systems
Public Knowledge Project Open Conference Systems 2.3.3
Public Knowledge Project Open Conference Systems 2.1.1-1
Public Knowledge Project Open Conference Systems 2.1.0-1
Public Knowledge Project Open Conference Systems 1.1.3
Public Knowledge Project Open Conference Systems 1.1.1
Public Knowledge Project Open Conference Systems 2.3.3-1
Public Knowledge Project Open Conference Systems 2.3.2
Public Knowledge Project Open Conference Systems 2.1.1
Public Knowledge Project Open Conference Systems 2.1
Public Knowledge Project Open Conference Systems 1.1.4
1 EDB exploit
6.8
CVSSv2
CVE-2011-5197
Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Harvester Systems 2.3.1 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that upload PHP files.
Public Knowledge Project Open Harvester Systems 1.0
Public Knowledge Project Open Harvester Systems 1.0.1
Public Knowledge Project Open Harvester Systems 2.0.0
Public Knowledge Project Open Harvester Systems 2.0.1
Public Knowledge Project Open Harvester Systems 2.3.0
Public Knowledge Project Open Harvester Systems
1 EDB exploit
4.3
CVSSv2
CVE-2019-16147
Liferay Portal up to and including 7.2.0 GA1 allows XSS via a journal article title to journal_article/page.jsp in journal/journal-taglib.
Liferay Liferay Portal 7.2.0
Liferay Liferay Portal
2.1
CVSSv2
CVE-2014-9770
tmpfiles.d/systemd.conf in systemd prior to 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files.
Opensuse Opensuse 13.2
9.3
CVSSv2
CVE-2016-0182
Windows Journal in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote malicious users to execute arbitrary code via a crafted Journal (aka .jnt) file, aka "Windows Journal Memory Corruption Vulnerability."
Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows 10 1511
Microsoft Windows 10 -
Microsoft Windows Rt 8.1
Microsoft Windows Vista
9.3
CVSSv2
CVE-2015-6097
Heap-based buffer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote malicious users to execute arbitrary code via a crafted Journal (.jnt) file, aka "Windows Journal Heap Overflow Vulnerability.&qu...
Microsoft Windows Server 2008 R2
Microsoft Windows 7 -
Microsoft Windows Vista -
Microsoft Windows Server 2008 -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »