Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
liquidworm vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-1423
Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote administrators to execute arbitrary SQL commands via the (1) jak_delete_log[] or (2) ssp parameter to admin/index.php.
Jakweb Gecko Cms 2.2
Jakweb Gecko Cms 2.3
1 EDB exploit
NA
CVE-2015-1424
Cross-site request forgery (CSRF) vulnerability in Gecko CMS 2.2 and 2.3 allows remote malicious users to hijack the authentication of administrators for requests that add an administrator user via a newuser request to admin/index.php.
Jakweb Gecko Cms 2.2
Jakweb Gecko Cms 2.3
1 EDB exploit
NA
CVE-2015-1575
Multiple cross-site scripting (XSS) vulnerabilities in u5CMS prior to 3.9.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) c, (2) i, (3) l, or (4) p parameter to index.php; the (5) a or (6) b parameter to u5admin/cookie.php; the name parameter to ...
Yuba U5cms
1 EDB exploit
NA
CVE-2015-1576
Multiple SQL injection vulnerabilities in u5CMS prior to 3.9.4 allow remote malicious users to execute arbitrary SQL commands via the name parameter to (1) copy2.php, (2) localize.php, (3) metai.php, (4) nc.php, (5) new2.php, or (6) rename2.php in u5admin/; (7) c parameter to u5a...
Yuba U5cms
1 EDB exploit
7.5
CVSSv3
CVE-2013-2227
GLPI 0.83.7 has Local File Inclusion in common.tabs.php.
Glpi-project Glpi 0.83.7
Debian Debian Linux 8.0
1 EDB exploit
NA
CVE-2009-1944
Stack-based buffer overflow in AIMP 2.51 build 330 allows remote malicious users to execute arbitrary code via an MP3 file with a long ID3 tag.
Aimp Aimp 2.51
1 EDB exploit
NA
CVE-2009-2173
The LAN game feature in Carom3D 5.06 allows remote authenticated users to cause a denial of service (application hang) via a crafted HTTP request to TCP port 28012.
Gameis Carom3d 5.06
1 EDB exploit
NA
CVE-2013-3535
Multiple cross-site scripting (XSS) vulnerabilities in CMSLogik 1.2.0 and 1.2.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) admin_email, (2) header_title, (3) site_title parameter to admin/settings; (4) recaptcha_private or (5) recaptcha_public...
Themelogik Cmslogik 1.2.0
Themelogik Cmslogik 1.2.1
1 EDB exploit
NA
CVE-2015-7900
Infinite Automation Mango Automation 2.5.x and 2.6.x prior to 2.6.0 build 430 allows remote malicious users to obtain sensitive debugging information by entering a crafted URL to trigger an exception, and then visiting a certain status page.
Infinite Automation Systems Mango Automation 2.5.5
Infinite Automation Systems Mango Automation 2.6.0
Infinite Automation Systems Mango Automation 2.5.0
1 EDB exploit
NA
CVE-2015-7902
Infinite Automation Mango Automation 2.5.x and 2.6.x prior to 2.6.0 build 430 provides different error messages for failed login attempts in unspecified circumstances, which allows remote malicious users to obtain sensitive information via a series of requests.
Infinite Automation Systems Mango Automation 2.5.0
Infinite Automation Systems Mango Automation 2.5.5
Infinite Automation Systems Mango Automation 2.6.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »