Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2008-3028
Multiple cross-site scripting (XSS) vulnerabilities in the Send-A-Card (sr_sendcard) extension 2.2.2 and previous versions for TYPO3 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Typo3 Send A Card 2.2.1
Typo3 Send A Card
Typo3 Send A Card 2.2
755
VMScore
CVE-2007-2933
SQL injection vulnerability in index.php in the Phil-a-Form (com_philaform) 1.2.0.0 and previous versions component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the form_id parameter.
Phil-a-form Phil-a-form 1.2.0.0
1 EDB exploit
NA
CVE-2022-39039
aEnrich’s a+HRD has inadequate filtering for specific URL parameter. An unauthenticated remote attacker can exploit this vulnerability to send arbitrary HTTP(s) request to launch Server-Side Request Forgery (SSRF) attack, to perform arbitrary system command or disrupt servi...
Aenrich A\\+hrd 6.8
Aenrich A\\+hrd 7.0
NA
CVE-2022-39040
aEnrich a+HRD log read function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files.
Aenrich A\\+hrd 6.8
Aenrich A\\+hrd 7.0
NA
CVE-2022-39042
aEnrich a+HRD has improper validation for login function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access API function to perform arbitrary system command or disrupt service.
Aenrich A\\+hrd 6.8
Aenrich A\\+hrd 7.0
NA
CVE-2022-39041
aEnrich a+HRD has insufficient user input validation for specific API parameter. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify and delete database.
Aenrich A\\+hrd 6.8
Aenrich A\\+hrd 7.0
383
VMScore
CVE-2011-4274
Cross-site scripting (XSS) vulnerability in the A-Form PC and PC/Mobile prior to 3.1 plug-ins for Movable Type allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-2676.
Ark-web A-form Pc
Ark-web A-form Pc Mobile
694
VMScore
CVE-2012-3252
Unspecified vulnerability in HP Serviceguard A.11.19 and A.11.20 allows remote malicious users to cause a denial of service via unknown vectors.
Hp Serviceguard A.11.19
Hp Serviceguard A.11.20
605
VMScore
CVE-2011-3164
Unspecified vulnerability in HP-UX Containers (formerly HP-UX Secure Resource Partitions (SRP)) A.03.00, A.03.00.002, and A.03.01, when running with patch PHKL_42310, allows local users to gain privileges via unknown vectors.
Hp Hp-ux Containers A.03.00
Hp Hp-ux Containers A.03.01
Hp Hp-ux Containers A.03.00.002
356
VMScore
CVE-2022-23810
Template injection (Improper Neutralization of Special Elements Used in a Template Engine) vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series ...
Appleple A-blog Cms
Appleple A-blog Cms 3.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »