Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pro search pro search vulnerabilities and exploits
(subscribe to this query)
8.4
CVSSv3
CVE-2017-2214
Untrusted search path vulnerability in AppCheck and AppCheck Pro prior to version 2.0.1.15 allows an malicious user to execute arbitrary code via a specially crafted executable file in an unspecified directory.
Jiransoft Appcheck
Jiransoft Appcheck Pro
5.5
CVSSv3
CVE-2023-32272
Uncontrolled search path in some Intel NUC Pro Software Suite Configuration Tool software installers before version 3.0.0.6 may allow an authenticated user to potentially enable denial of service via local access.
Intel Nuc Pro Software Suite
NA
CVE-2009-2447
Multiple cross-site scripting (XSS) vulnerabilities in ogp_show.php in Online Guestbook Pro 5.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) search or (2) display parameter.
Esoftpro Online Guestbook Pro 5.1
NA
CVE-2006-6804
SQL injection vulnerability in bus_details.asp in Dragon Business Directory - Pro (aka Dragon Internet Business Search Directory - Pro) 3.01.12 and previous versions allows remote malicious users to execute arbitrary SQL commands via the ID parameter.
Enthrallweb Dragon Business Directory Pro
1 EDB exploit
NA
CVE-2006-6196
Cross-site scripting (XSS) vulnerability in the search functionality in Fixit iDMS Pro Image Gallery allows remote malicious users to inject arbitrary web script or HTML via a search field (txtsearchtext parameter).
Fixit Knowledge Solutions Idms Pro Image Gallery
6.1
CVSSv3
CVE-2021-25016
The Chaty WordPress plugin prior to 2.8.3 and Chaty Pro WordPress plugin prior to 2.8.2 do not sanitise and escape the search parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting
Premio Chaty
Premio Chaty Pro
7.5
CVSSv3
CVE-2023-40599
Regular expression Denial-of-Service (ReDoS) exists in multiple add-ons for Mailform Pro CGI 4.3.1.3 and previous versions, which allows a remote unauthenticated malicious user to cause a denial-of-service condition. Affected add-ons are as follows: call/call.js, prefcodeadv/sear...
Synck Graphica Mailform Pro Cgi
NA
CVE-2009-4989
Cross-site scripting (XSS) vulnerability in index.php in AJ Auction Pro OOPD 3.0 allows remote malicious users to inject arbitrary web script or HTML via the txtkeyword parameter in a search action.
Ajsquare Aj Auction Pro-oopd 3.0
1 EDB exploit
NA
CVE-2006-6030
Multiple SQL injection vulnerabilities in E-Calendar Pro 3.0 allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) passwd (Password) fields in (a) admin/default.asp; or the (3) Event Title, (4) Location, or (5) Description field when making a...
Futuretec E-calendar Pro 3.0
7.3
CVSSv3
CVE-2022-23449
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). A DLL Hijacking vulnerability could allow a local malicious user to execute code with elevated privileges by placin...
Siemens Simatic Energy Manager Basic
Siemens Simatic Energy Manager Basic 7.3
Siemens Simatic Energy Manager Pro
Siemens Simatic Energy Manager Pro 7.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »