Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
k vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-40532
Telegram Web K Alpha prior to 0.7.2 mishandles the characters in a document extension.
Telegram Web K Alpha
7.5
CVSSv2
CVE-2018-1000831
K9Mail version <= v5.600 contains a XML External Entity (XXE) vulnerability in WebDAV response parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via malicious WebDAV server or intercept the r...
K9mail K-9 Mail
4.3
CVSSv2
CVE-2008-7098
Multiple cross-site scripting (XSS) vulnerabilities in Qsoft K-Rate Premium allow remote malicious users to inject arbitrary web script or HTML via the blog, possibly the (1) Title and (2) Text fields; (3) the gallery, possibly the Description field in Your Pictures; (4) the foru...
Qsoft-inc K-rate -
1 EDB exploit
6.8
CVSSv2
CVE-2008-7099
Unspecified vulnerability in the Manage Templates feature in Qsoft K-Rate Premium allows remote malicious users to execute arbitrary PHP code via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Qsoft-inc K-rate -
1 EDB exploit
7.5
CVSSv2
CVE-2008-7097
Multiple SQL injection vulnerabilities in Qsoft K-Rate Premium allow remote malicious users to execute arbitrary SQL commands via (1) the $id variable in admin/includes/dele_cpac.php, (2) $ord[order_id] variable in payments/payment_received.php, (3) $id variable in includes/funct...
Qsoft-inc K-rate -
1 EDB exploit
9.3
CVSSv2
CVE-2020-7863
A vulnerability in File Transfer Solution of Raonwiz could allow arbitrary command execution as the result of viewing a specially-crafted web page. This vulnerability is due to insufficient validation of the parameter of the specific method. An attacker could exploit this vulnera...
Raonwiz Raon K Upload
5
CVSSv2
CVE-2002-0342
Kmail 1.2 on KDE 2.1.1 allows remote malicious users to cause a denial of service (crash) via an email message whose body is approximately 55 K long.
Kde K-mail 1.2
4.3
CVSSv2
CVE-2010-2457
Cross-site scripting (XSS) vulnerability in index.php in K-Search allows remote malicious users to inject arbitrary web script or HTML via the term parameter.
Qsoft-inc K-search
1 EDB exploit
5.1
CVSSv2
CVE-2006-1942
Mozilla Firefox 1.5.0.2 and possibly other versions prior to 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote malicious users to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then...
K-meleon Project K-meleon 0.9.13
Mozilla Firefox 1.5.0.2
Netscape Navigator 7.2
Netscape Navigator 8.0.40
Netscape Navigator 8.1
5.4
CVSSv2
CVE-2014-7719
The BASEBALL MANAGER K (aka com.cjenm.yagamkgoogle) application 1.13 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Mobile Baseball Manager K 1.13
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »