Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
w. cashdollar vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2013-1933
The extract_from_ocr function in lib/docsplit/text_extractor.rb in the Karteek Docsplit (karteek-docsplit) gem 0.5.4 for Ruby allows context-dependent malicious users to execute arbitrary commands via shell metacharacters in a PDF filename.
Documentcloud Karteek-docsplit 0.5.4
5
CVSSv2
CVE-2015-4414
Directory traversal vulnerability in download_audio.php in the SE HTML5 Album Audio Player (se-html5-album-audio-player) plugin 1.1.0 and previous versions for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Se Html5 Album Audio Player Project Se Html5 Album Audio Player
1 EDB exploit
7.5
CVSSv2
CVE-2015-4614
Multiple SQL injection vulnerabilities in includes/Function.php in the Easy2Map plugin prior to 1.2.5 for WordPress allow remote malicious users to execute arbitrary SQL commands via the mapName parameter in an e2m_img_save_map_name action to wp-admin/admin-ajax.php and other uns...
Easy2map Project Easy2map
1 EDB exploit
5
CVSSv2
CVE-2015-4616
Directory traversal vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin prior to 1.2.5 for WordPress allows remote malicious users to create arbitrary files via a .. (dot dot) in the map_id parameter.
Easy2map Project Easy2map
1 EDB exploit
5
CVSSv2
CVE-2000-0588
SawMill 5.0.21 CGI program allows remote malicious users to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands.
Sawmill Sawmill 5.0.21
1 EDB exploit
7.5
CVSSv2
CVE-2000-0589
SawMill 5.0.21 uses weak encryption to store passwords, which allows malicious users to easily decrypt the password and modify the SawMill configuration.
Sawmill Sawmill 5.0.21
1 EDB exploit
7.2
CVSSv2
CVE-2003-0497
Caché Database 5.x installs /cachesys/bin/cache with world-writable permissions, which allows local users to gain privileges by modifying cache and executing it via cuxs.
Intersystems Cache Database 5
1 EDB exploit
7.2
CVSSv2
CVE-2015-7556
DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program.
Delegate Delegate 9.9.13
1 EDB exploit
10
CVSSv2
CVE-2016-7489
Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner, this may lead to elevated code execution.
Teradata Virtual Machine 15.10
3.5
CVSSv2
CVE-2016-1000121
XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension
Huge-it Slider 1.0.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »