Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-0996
Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable 12-31-2011 allow remote malicious users to read arbitrary files via a .. (dot dot) in the class parameter to (1) index.php or (2) admin/index.php.
11in1 11in1 1.2.1
2 EDB exploits
6.1
CVSSv3
CVE-2012-1001
Multiple cross-site scripting (XSS) vulnerabilities in Chyrp prior to 2.1.2 and prior to 2.5 Beta 2 allow remote malicious users to inject arbitrary web script or HTML via the (1) content parameter to includes/ajax.php or (2) body parameter to includes/error.php.
Chyrp Chyrp
Chyrp Chyrp 2.5.2
2 EDB exploits
NA
CVE-2013-4900
Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote malicious users to read arbitrary files via a ..%5c (dot dot encoded backslash) in a GET request.
Twilightcms Twilight Cms 5.17
2 EDB exploits
NA
CVE-2013-2712
Cross-site scripting (XSS) vulnerability in services/get_article.php in KrisonAV CMS prior to 3.0.2 allows remote malicious users to inject arbitrary web script or HTML via the content parameter.
Krisonav Krisonav 0.9.6
Krisonav Krisonav 0.9.5
Krisonav Krisonav 0.9.4
Krisonav Krisonav 0.9.3
Krisonav Krisonav 2.1.6
Krisonav Krisonav 2.1.5
Krisonav Krisonav 2.1.3
Krisonav Krisonav 2.0.1
Krisonav Krisonav 3.0.0
Krisonav Krisonav 1.1.35
Krisonav Krisonav 1.0.1
Krisonav Krisonav 0.9.7
Krisonav Krisonav
Krisonav Krisonav 1.0.2
Krisonav Krisonav 1.0.0
1 EDB exploit
NA
CVE-2012-5451
Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi prior to 2.1.0.3974 allow remote malicious users to cause a denial of service (tvMobiliService service crash) via a long string in a (1) GET or (2) HEAD request to TCP port 30888.
Tvmobili Tvmobili
1 EDB exploit
NA
CVE-2013-3294
Multiple SQL injection vulnerabilities in Exponent CMS prior to 2.2.0 release candidate 1 allow remote malicious users to execute arbitrary SQL commands via the (1) src or (2) username parameter to index.php.
Exponentcms Exponent Cms 2.1.0
Exponentcms Exponent Cms 2.1.1
Exponentcms Exponent Cms 2.0.0
Exponentcms Exponent Cms 0.99.0
Exponentcms Exponent Cms 2.0.6
Exponentcms Exponent Cms 2.0.7
Exponentcms Exponent Cms 2.1.4
Exponentcms Exponent Cms
Exponentcms Exponent Cms 2.0.3
Exponentcms Exponent Cms 2.0.8
Exponentcms Exponent Cms 2.0.9
Exponentcms Exponent Cms 2.0.2
Exponentcms Exponent Cms 2.0.1
Exponentcms Exponent Cms 2.0.4
Exponentcms Exponent Cms 2.0.5
Exponentcms Exponent Cms 2.1.2
Exponentcms Exponent Cms 2.1.3
Exponentcms Exponent Cms 0.98.0
Exponentcms Exponent Cms 0.97.0
1 EDB exploit
NA
CVE-2013-6058
SQL injection vulnerability in appRain CMF 3.0.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO to blog-by-cat/.
Apprain Apprain 0.2.1.1
Apprain Apprain 0.1.5
Apprain Apprain 0.1.4
Apprain Apprain 0.1.3
Apprain Apprain 0.1.2
Apprain Apprain 0.1.1
Apprain Apprain
Apprain Apprain 3.0.1
Apprain Apprain 0.1.0
1 EDB exploit
NA
CVE-2012-6290
SQL injection vulnerability in ImageCMS prior to 4.2 allows remote authenticated administrators to execute arbitrary SQL commands via the q parameter to admin/admin_search/. NOTE: this can be leveraged using CSRF to allow remote unauthenticated malicious users to execute arbitrar...
Imagecms Imagecms
1 EDB exploit
NA
CVE-2012-1933
Multiple PHP remote file inclusion vulnerabilities in Newscoop 3.5.x prior to 3.5.5 and 4 before RC4, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[g_campsiteDir] parameter to (1) include/phorum_load.php, (2)...
Sourcefabric Newscoop 3.5.0
Sourcefabric Newscoop 4.0
Sourcefabric Newscoop 3.5.2
Sourcefabric Newscoop 3.5.4
Sourcefabric Newscoop 3.5.3
Sourcefabric Newscoop 3.5.1
1 EDB exploit
NA
CVE-2012-2208
Directory traversal vulnerability in upgrade.php in Piwigo prior to 2.3.4 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
Piwigo Piwigo
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »