Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
news project news vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2022-24606
Luocms v2.0 is affected by SQL Injection in /admin/news/sort_ok.php.
Luocms Project Luocms 2.0
7.5
CVSSv2
CVE-2022-24607
Luocms v2.0 is affected by SQL Injection in /admin/news/news_ok.php.
Luocms Project Luocms 2.0
7.5
CVSSv2
CVE-2021-36789
The dated_news (aka Dated News) extension up to and including 5.1.1 for TYPO3 allows SQL Injection.
Dated News Project Dated News
7.5
CVSSv2
CVE-2019-19781
An issue exists in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
Citrix Application Delivery Controller Firmware 10.5
Citrix Application Delivery Controller Firmware 11.1
Citrix Application Delivery Controller Firmware 12.0
Citrix Application Delivery Controller Firmware 12.1
Citrix Application Delivery Controller Firmware 13.0
Citrix Netscaler Gateway Firmware 10.5
Citrix Netscaler Gateway Firmware 11.1
Citrix Netscaler Gateway Firmware 12.0
Citrix Netscaler Gateway Firmware 12.1
Citrix Gateway Firmware 13.0
2 Metasploit modules
64 Github repositories
21 Articles
7.5
CVSSv2
CVE-2018-6928
PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term.
News Website Script Project News Website Script 2.0.4
7.5
CVSSv2
CVE-2017-17636
MLM Forced Matrix 2.0.9 has SQL Injection via the news-detail.php newid parameter.
Mlm Forced Matrix Project Mlm Forced Matrix 2.0.9
1 EDB exploit
7.5
CVSSv2
CVE-2017-17607
CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail.
Cms Auditor Website Project Cms Auditor Website 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2017-7581
SQL injection vulnerability in NewsController.php in the News module 5.3.2 and previous versions for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand for order and OrderByAllowed.
News System Project News System
7.5
CVSSv2
CVE-2014-6290
The News (tt_news) extension prior to 3.5.2 for TYPO3 allows remote malicious users to have unspecified impact via vectors related to an "insecure unserialize" issue.
News Project News 3.0.0
News Project News 3.0.1
News Project News 3.2.0
News Project News 3.4.0
News Project News 3.5.0
News Project News
News Project News 3.1.0
News Project News 3.2.1
7.5
CVSSv2
CVE-2011-1938
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 up to and including 5.3.6 might allow context-dependent malicious users to execute arbitrary code via a long pathname for a UNIX socket.
Php Php 5.3.4
Php Php 5.3.5
Php Php 5.3.3
Php Php 5.3.6
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »