Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mr_me vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2019-15979
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system (OS). For m...
Cisco Data Center Network Manager
1 Article
685
VMScore
CVE-2016-2539
Cross-site request forgery (CSRF) vulnerability in install_modules.php in ATutor prior to 2.2.2 allows remote malicious users to hijack the authentication of users for requests that upload arbitrary files and execute arbitrary PHP code via vectors involving a crafted zip file.
Atutor Atutor
1 EDB exploit
755
VMScore
CVE-2011-1055
SQL injection vulnerability in api/ice_media.cfc in Lingxia I.C.E CMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the session.user_id parameter to media.cfm.
Lingxia273 Lingxia I.c.e Cms 1.0
1 EDB exploit
755
VMScore
CVE-2010-4910
SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote malicious users to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action.
Coldgen Coldcalendar 2.06
1 EDB exploit
755
VMScore
CVE-2010-4916
Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote malicious users to execute arbitrary SQL commands via the (1) ArticleID or (2) LibraryID parameter.
Coldgen Coldusergroup 1.06
1 EDB exploit
685
VMScore
CVE-2011-5196
Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Journal Systems 2.3.6 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that upload PHP files.
Public Knowledge Project Open Journal Systems 2.3.2
Public Knowledge Project Open Journal Systems 2.3.1-2
Public Knowledge Project Open Journal Systems 2.3.0
Public Knowledge Project Open Journal Systems 2.2.4
Public Knowledge Project Open Journal Systems 1.1.7
Public Knowledge Project Open Journal Systems 1.1.6
Public Knowledge Project Open Journal Systems 1.1.5
Public Knowledge Project Open Journal Systems 1.1
Public Knowledge Project Open Journal Systems 2.3.4
Public Knowledge Project Open Journal Systems 2.1.1
Public Knowledge Project Open Journal Systems 2.1
Public Knowledge Project Open Journal Systems 2.0.2-1
Public Knowledge Project Open Journal Systems 2.0.1
Public Knowledge Project Open Journal Systems 2.3.3-3
Public Knowledge Project Open Journal Systems 2.3.3-1
Public Knowledge Project Open Journal Systems 2.3.2-1
Public Knowledge Project Open Journal Systems 2.2.3
Public Knowledge Project Open Journal Systems 2.2.1
Public Knowledge Project Open Journal Systems 1.1.10
Public Knowledge Project Open Journal Systems 1.1.8
Public Knowledge Project Open Journal Systems 1.0.1
Public Knowledge Project Open Journal Systems
1 EDB exploit
685
VMScore
CVE-2011-5197
Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Harvester Systems 2.3.1 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that upload PHP files.
Public Knowledge Project Open Harvester Systems 1.0
Public Knowledge Project Open Harvester Systems 1.0.1
Public Knowledge Project Open Harvester Systems 2.0.0
Public Knowledge Project Open Harvester Systems 2.0.1
Public Knowledge Project Open Harvester Systems 2.3.0
Public Knowledge Project Open Harvester Systems
1 EDB exploit
515
VMScore
CVE-2011-0518
Directory traversal vulnerability in core/lib/router.php in LotusCMS Fraise 3.0, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via the system parameter to index.php.
Lotuscms Fraise 3.0
1 EDB exploit
NA
CVE-2016-253924
ATutor LMS versions 2.2.1 and below cross site request forgery remote code execution exploit that leverages install_modules.php.
505
VMScore
CVE-2010-3468
Directory traversal vulnerability in fileManager.cfc in Mura CMS 5.1 prior to 5.1.498 and 5.2 prior to 5.2.2809, and Sava CMS 5 up to and including 5.2, allows remote malicious users to read arbitrary files via a .. (dot dot) in the FILEID parameter to the default URI under tasks...
Blueriver Sava Cms 5.0
Blueriver Sava Cms 5.0.122
Blueriver Sava Cms 5.2
Blueriver Mura Cms 5.2
Blueriver Mura Cms 5.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »