Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerability-lab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-5150
Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.07 and possibly earlier allow remote attackers or authenticated users to inject arbitrary web script or HTML via the (1) ipaddress or (2) domain parameter to setup-network.php, different vectors than CVE-2011-5149...
Spamtitan Spamtitan
1 EDB exploit
NA
CVE-2013-3179
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote malicious users to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Foundation 2010
Microsoft Sharepoint Server 2007
Microsoft Sharepoint Services 3.0
1 EDB exploit
NA
CVE-2013-5962
Unrestricted file upload vulnerability in frames/upload-images.php in the Complete Gallery Manager plugin prior to 3.3.4 rev40279 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct...
Envato Complete Gallery Manager Plugin 3.3.2
Envato Complete Gallery Manager Plugin 3.3.1
Envato Complete Gallery Manager Plugin 3.2.2
Envato Complete Gallery Manager Plugin 3.2.1
Envato Complete Gallery Manager Plugin 2.0.2
Envato Complete Gallery Manager Plugin 2.0.1
Envato Complete Gallery Manager Plugin 3.2.6
Envato Complete Gallery Manager Plugin 3.2.5
Envato Complete Gallery Manager Plugin 3.1.0
Envato Complete Gallery Manager Plugin 3.0.1
Envato Complete Gallery Manager Plugin 1.0.1
Envato Complete Gallery Manager Plugin 1.0.0
Envato Complete Gallery Manager Plugin 3.3.0
Envato Complete Gallery Manager Plugin 3.2.8
Envato Complete Gallery Manager Plugin 3.2.7
Envato Complete Gallery Manager Plugin 3.2.0
Envato Complete Gallery Manager Plugin 3.1.1
Envato Complete Gallery Manager Plugin 2.0.0
Envato Complete Gallery Manager Plugin 1.0.2
Envato Complete Gallery Manager Plugin
Envato Complete Gallery Manager Plugin 3.2.4
Envato Complete Gallery Manager Plugin 3.2.3
1 EDB exploit
NA
CVE-2012-4259
Cross-site scripting (XSS) vulnerability in the contacts in (1) XPhone UC Web and the (2) web frontend for XPhone Virtual Directory in C4B XPhone Unified Communications (UC) 2011 Web 4.1.890S R1 allows remote malicious users to inject arbitrary web script or HTML via the company ...
C4b Xphone Unified Communications 2011 4.1.890s
1 EDB exploit
NA
CVE-2012-4261
SQL injection vulnerability in modules/patient/mycare2x_pat_info.php in myCare2x allows remote malicious users to execute arbitrary SQL commands via the lang parameter.
Hccgmbh Mycare2x -
1 EDB exploit
NA
CVE-2012-4262
Multiple cross-site scripting (XSS) vulnerabilities in myCare2x allow remote malicious users to inject arbitrary web script or HTML via the (1) name_last, (2) name_first, (3) name_middle, or (4) name_maiden parameter to modules/patient/mycare_pid.php; (5) favorites or (6) lang pa...
Hccgmbh Mycare2x -
1 EDB exploit
NA
CVE-2012-4265
SQL injection vulnerability in category_edit.php in Proman Xpress 5.0.1 allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Itechscripts Proman Xpress 5.0.1
1 EDB exploit
NA
CVE-2012-4280
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/agenteditor.php in Free Realty 3.1-0.6 allow remote malicious users to hijack the authentication of administrators for requests that (1) add an agent via an addagent action or (2) modify an agent.
Rwcinc Free Realty 3.1-0.6
1 EDB exploit
NA
CVE-2012-5898
Cross-site request forgery (CSRF) vulnerability in SAMEDIA LandShop 0.9.2 allows remote malicious users to hijack the authentication of administrators for requests that change account settings.
Samedia Landshop 0.9.2
1 EDB exploit
NA
CVE-2012-1059
Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Shop/Application/Cart/pages/main.php in OSCommerce Online Merchant 3.0.2 allows remote malicious users to inject arbitrary web script or HTML via the value_title parameter, as demonstrated using the "Front&q...
Oscommerce Online Merchant 3.0.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »