Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lostmon vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-6266
Multiple SQL injection vulnerabilities in bcoos 1.0.10 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) the gid parameter to modules/arcade/index.php in a show_stats action, or the lid parameter to (2) modules/myalbum/ratephoto.php or (...
Bcoos Bcoos 1.0.10
2 EDB exploits
NA
CVE-2007-1773
Multiple directory traversal vulnerabilities in aBitWhizzy allow remote malicious users to list arbitrary directories via a .. (dot dot) in the d parameter to (1) whizzery/whizzypic.php or (2) whizzery/whizzylink.php, different vectors than CVE-2006-6384.
Unverse.net Abitwhizzy
2 EDB exploits
NA
CVE-2005-2324
Cross-site scripting (XSS) vulnerability in Clever Copy 2.0 and 2.0a allows remote malicious users to inject arbitrary web script or HTML via the searchtype or searchterm parameters to (1) results.php or (2) categorysearch.php.
Clever Copy Clever Copy 2.0
Clever Copy Clever Copy 2.0a
2 EDB exploits
NA
CVE-2005-3285
Cross-site scripting (XSS) vulnerability in comersus_backoffice_searchItemForm.asp in Comersus BackOffice Plus allows remote malicious users to inject arbitrary web script or HTML via the (1) forwardTo1, (2) forwardTo2, (3) nameFT1, or (4) nameFT2 parameters.
Comersus Open Technologies Comersus Backoffice Plus
1 EDB exploit
NA
CVE-2009-0321
Apple Safari 3.2.1 (aka AppVer 3.525.27.1) on Windows allows remote malicious users to cause a denial of service (infinite loop or access violation) via a link to an http URI in which the authority (aka hostname) portion is either a (1) . (dot) or (2) .. (dot dot) sequence.
Apple Safari 3.2.1
1 EDB exploit
NA
CVE-2008-4432
Cross-site scripting (XSS) vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops allows remote malicious users to inject arbitrary web script or HTML via the itemsxpag parameter.
Rmsoft Minishop Module 1.0
1 EDB exploit
NA
CVE-2004-2245
Cross-site scripting (XSS) vulnerability in Goollery 0.03 allows remote malicious users to inject arbitrary HTML or web script via the (1) page parameter to viewalbum.php or (2) btopage parameter to viewpic.php.
Goollery Goollery 0.3
1 EDB exploit
NA
CVE-2004-2246
Cross-site scripting (XSS) vulnerability in Goollery prior to 0.04b allows remote malicious users to inject arbitrary HTML or web script via the conversation_id parameter to viewpic.php.
Goollery Goollery 0.3
1 EDB exploit
NA
CVE-2005-0606
Cross-site scripting (XSS) vulnerability in settings.inc.php for CubeCart 2.0.0 up to and including 2.0.5, as used in multiple PHP files, allows remote malicious users to inject arbitrary HTML or web script via the (1) cat_id, (2) PHPSESSID, (3) view_doc, (4) product, (5) session...
Devellion Cubecart 2.0.3
Devellion Cubecart 2.0.1
Devellion Cubecart 2.0.2
Devellion Cubecart 2.0.0
Devellion Cubecart 2.0.5
1 EDB exploit
NA
CVE-2005-4627
Cross-site scripting (XSS) vulnerability in index.php in (1) GmailSite 1.0 up to and including 1.0.4 and (2) GFHost 0.1.1 up to and including 0.4.2 allows remote malicious users to inject arbitrary web script or HTML via the lng parameter.
Gfhost Gfhost 0.4.1
Gfhost Gfhost 0.4.2
Gmailsite Gmailsite 1.0
Gfhost Gfhost 0.1.1
Gfhost Gfhost 0.2
Gmailsite Gmailsite 1.0.3
Gmailsite Gmailsite 1.0.4
Gfhost Gfhost 0.3
Gfhost Gfhost 0.4
Gmailsite Gmailsite 1.0.1
Gmailsite Gmailsite 1.0.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »