Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
liquidworm vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2009-3811
Stack-based buffer overflow in Music Tag Editor 1.61 build 212 allows remote malicious users to execute arbitrary code via an MP3 file with a long ID3 tag. NOTE: some of these details are obtained from third party information.
Assistanttools Music Tag Editor 1.61
1 EDB exploit
6.8
CVSSv2
CVE-2015-6493
Cross-site request forgery (CSRF) vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x up to and including 2.6.0 build 430 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
Infinite Automation Systems Mango Automation 2.5.0
Infinite Automation Systems Mango Automation 2.6.0
Infinite Automation Systems Mango Automation 2.5.5
1 EDB exploit
7.5
CVSSv2
CVE-2011-5039
Multiple SQL injection vulnerabilities in Infoproject Biznis Heroj allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters to login.php, (3) the filter parameter to widget.dokumenti_lista.php, and (4) the fin_nalog_id parame...
Infoproject Biznis Heroj
1 EDB exploit
7.2
CVSSv2
CVE-2011-5044
SopCast 3.4.7.45585 uses weak permissions (Everyone:Full Control) for Diagnose.exe, which allows local users to execute arbitrary code by replacing Diagnose.exe with a Trojan horse program.
Sopcast Sopcast 3.4.7.45585
1 EDB exploit
6.8
CVSSv2
CVE-2014-9101
Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall 1.7.0 (build 7907 and 7906) and SkaDate Lite 2.0 (build 7651) allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks or possibly ...
Skalfa Skadate Lite 2.0
Oxwall Oxwall 1.7.0
1 EDB exploit
6.8
CVSSv2
CVE-2014-9344
Cross-site request forgery (CSRF) vulnerability in Snowfox CMS prior to 1.0.10 allows remote malicious users to hijack the authentication of administrators for requests that add a new admin account via a submit action in the admin/accounts/create uri to snowfox/.
Globiz Solutions Snowfox Content Management System
1 EDB exploit
5
CVSSv2
CVE-2014-9350
TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote malicious users to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
Tp-link Tl-wr740n Firmware 3.16.6
Tp-link Tl-wr740n Firmware 3.16.4
Tp-link Tl-wr740n Firmware 3.17.0
Tp-link Tl-wr740n 4
1 EDB exploit
4.3
CVSSv2
CVE-2011-5040
Multiple cross-site scripting (XSS) vulnerabilities in Infoproject Biznis Heroj allow remote malicious users to inject arbitrary web script or HTML via the config parameter to (1) nalozi_naslov.php and (2) widget.dokumenti_lista.php.
Infoproject Biznis Heroj
1 EDB exploit
5
CVSSv2
CVE-2012-1790
Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows remote malicious users to read arbitrary files via a full pathname in the file parameter to index.php.
Webgrind Project Webgrind 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2015-2678
Multiple cross-site scripting (XSS) vulnerabilities in MetalGenix GeniXCMS prior to 0.0.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) cat parameter in the categories page to gxadmin/index.php or (2) page parameter to index.php.
Genixcms Genixcms
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »