Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-1665
Multiple SQL injection vulnerabilities in the admin panel in osCMax prior to 2.5.1 allow (1) remote malicious users to execute arbitrary SQL commands via the username parameter in a process action to admin/login.php or (2) remote administrators to execute arbitrary SQL commands v...
Oscmax Oscmax
2 EDB exploits
6.1
CVSSv3
CVE-2012-2452
Multiple cross-site scripting (XSS) vulnerabilities in pragmaMx 1.x prior to 1.12.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) name parameter to modules.php or (2) img_url to includes/wysiwyg/spaw/editor/plugins/imgpopup/img_popup.php.
Pragmamx Pragmamx
2 EDB exploits
NA
CVE-2013-4900
Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote malicious users to read arbitrary files via a ..%5c (dot dot encoded backslash) in a GET request.
Twilightcms Twilight Cms 5.17
2 EDB exploits
NA
CVE-2012-3952
Cross-site scripting (XSS) vulnerability in admin/index.php in phpList prior to 2.10.19 allows remote malicious users to inject arbitrary web script or HTML via the unconfirmed parameter to the user page.
Phplist Phplist
Phplist Phplist 2.10.10
Phplist Phplist 2.10.9
Phplist Phplist 2.10.1
Phplist Phplist 2.8.12
Phplist Phplist 2.10.17
Phplist Phplist 2.10.16
Phplist Phplist 2.10.8
Phplist Phplist 2.10.7
Phplist Phplist 2.8.7
Phplist Phplist 2.8.2
Phplist Phplist 2.10.12
Phplist Phplist 2.10.11
Phplist Phplist 2.10.3
Phplist Phplist 2.10.2
Phplist Phplist 2.6.5
Phplist Phplist 2.10.15
Phplist Phplist 2.10.14
Phplist Phplist 2.10.13
Phplist Phplist 2.10.5
Phplist Phplist 2.10.4
Phplist Phplist 2.7.2
1 EDB exploit
NA
CVE-2014-1908
The error-handling feature in (1) bp.php, (2) videowhisper_streaming.php, and (3) ls/rtmp.inc.php in the VideoWhisper Live Streaming Integration plugin prior to 4.29.5 for WordPress allows remote malicious users to obtain sensitive information via a direct request, which reveals ...
Videowhisper Videowhisper Live Streaming Integration
1 EDB exploit
NA
CVE-2012-0985
Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Connection Utility 4.7, 4.7.4, 4.8, 4.9, 4.10, and 4.11; and VAIO Easy Connect softwa...
Sony Vaio Pc Wireless Lan Wizard 1.0
Sony Smartwi Connection Utillity 4.7.4
Sony Smartwi Connection Utillity 4.8
Sony Vaio Wireless Wizard 3.0
Sony Smartwi Connection Utillity 4.7
Sony Vaio Easy Connect 1.1.0
Sony Vaio Wireless Wizard 1.00
Sony Vaio Wireless Wizard 1.00 64
Sony Smartwi Connection Utillity 4.9
Sony Smartwi Connection Utillity 4.10
Sony Vaio Wireless Wizard 1.01
Sony Vaio Wireless Wizard 2.0
Sony Smartwi Connection Utillity 4.11
Sony Vaio Easy Connect 1.0.0
1 EDB exploit
NA
CVE-2012-0997
Cross-site request forgery (CSRF) vulnerability in admin/index.php in 11in1 1.2.1 stable 12-31-2011 allows remote malicious users to hijack the authentication of administrators for requests that add new topics via an addTopic action.
11in1 11in1 1.2.1
1 EDB exploit
NA
CVE-2013-5693
Cross-site scripting (XSS) vulnerability in X2Engine X2CRM prior to 3.5 allows remote malicious users to inject arbitrary web script or HTML via the model parameter to index.php/admin/editor.
X2engine X2crm 3.1.2
X2engine X2crm 3.1.1
X2engine X2crm 3.1
X2engine X2crm 3.0.2
X2engine X2crm 1.3.1
X2engine X2crm 1.3
X2engine X2crm 1.2.2
X2engine X2crm 1.2.1
X2engine X2crm 3.3.1
X2engine X2crm 3.2
X2engine X2crm 3.0.1
X2engine X2crm 2.9.1
X2engine X2crm 2.5.2
X2engine X2crm 2.2.1
X2engine X2crm 1.1.0
X2engine X2crm 1.0
X2engine X2crm
X2engine X2crm 3.4
X2engine X2crm 2.8.1
X2engine X2crm 2.8
X2engine X2crm 2.7.2
X2engine X2crm 2.7.1
1 EDB exploit
NA
CVE-2013-2712
Cross-site scripting (XSS) vulnerability in services/get_article.php in KrisonAV CMS prior to 3.0.2 allows remote malicious users to inject arbitrary web script or HTML via the content parameter.
Krisonav Krisonav 0.9.6
Krisonav Krisonav 0.9.5
Krisonav Krisonav 0.9.4
Krisonav Krisonav 0.9.3
Krisonav Krisonav 2.1.6
Krisonav Krisonav 2.1.5
Krisonav Krisonav 2.1.3
Krisonav Krisonav 2.0.1
Krisonav Krisonav 3.0.0
Krisonav Krisonav 1.1.35
Krisonav Krisonav 1.0.1
Krisonav Krisonav 0.9.7
Krisonav Krisonav
Krisonav Krisonav 1.0.2
Krisonav Krisonav 1.0.0
1 EDB exploit
NA
CVE-2012-5849
Multiple SQL injection vulnerabilities in ClipBucket 2.6 Revision 738 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) uid parameter in an add_friend action to ajax.php; id parameter in a (2) share_object, (3) add_to_fav, (4) rating...
Clip-bucket Clipbucket
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »