Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
abysssec vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-3480
Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Apphp Php Microcms 1.0.1
1 EDB exploit
NA
CVE-2010-3481
Multiple SQL injection vulnerabilities in login.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) user_name and (2) password variables, possibly related to include/classes/Login.php. NOTE...
Apphp Php Microcms 1.0.1
1 EDB exploit
NA
CVE-2010-3602
Cross-site scripting (XSS) vulnerability in ProfileView.aspx in mojoPortal 2.3.4.3 and 2.3.5.1 allows remote malicious users to inject arbitrary web script or HTML via the User ID parameter. NOTE: some of these details are obtained from third party information.
Sourcetreesolutions Mojoportal 2.3.5.1
Sourcetreesolutions Mojoportal 2.3.4.3
1 EDB exploit
NA
CVE-2010-1247
Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows remote malicious users to execute arbitrary code via an Excel file with a malformed RTD (0x813) record that triggers heap corruption, aka "Excel Memory Corruption Vulnerability," a different vulnerabili...
Microsoft Excel 2002
1 EDB exploit
NA
CVE-2009-4089
telepark.wiki 2.4.23 and previous versions allows remote malicious users to bypass authorization and (1) delete arbitrary pages via a modified pageID parameter to ajax/deletePage.php or (2) delete arbitrary comments via a modified pageID parameter to ajax/deleteComment.php.
Telepark Telepark.wiki 2.4.23
2 EDB exploits
NA
CVE-2009-4088
Multiple directory traversal vulnerabilities in telepark.wiki 2.4.23 and previous versions allow remote malicious users to read arbitrary files via directory traversal sequences in the css parameter to (1) getjs.php and (2) getcsslocal.php; and include and execute arbitrary local...
Telepark Telepark.wiki
2 EDB exploits
NA
CVE-2010-3653
The Director module (dirapi.dll) in Adobe Shockwave Player prior to 11.5.9.615 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted rcsL chunk containing a field whose value is used as a point...
Adobe Shockwave Player 11.5.6.606
Adobe Shockwave Player 11.5.2.602
Adobe Shockwave Player 10.2.0.022
Adobe Shockwave Player 10.1.0.11
Adobe Shockwave Player 9.0.383
Adobe Shockwave Player 9.0.432
Adobe Shockwave Player 8.5.325
Adobe Shockwave Player 8.0.196
Adobe Shockwave Player 5.0
Adobe Shockwave Player 4.0
Adobe Shockwave Player 11.5.0.596
Adobe Shockwave Player 11.5.7.609
Adobe Shockwave Player 10.1.1.016
Adobe Shockwave Player 10.1.0.011
Adobe Shockwave Player 8.0.204
Adobe Shockwave Player 8.0.205
Adobe Shockwave Player 8.5.1.106
Adobe Shockwave Player 8.0
Adobe Shockwave Player 8.5.1.105
Adobe Shockwave Player 1.0
Adobe Shockwave Player
Adobe Shockwave Player 11.0.0.456
2 EDB exploits
1 Article
NA
CVE-2011-0073
Mozilla Firefox prior to 3.5.19 and 3.6.x prior to 3.6.17, and SeaMonkey prior to 2.0.14, does not properly use nsTreeRange data structures, which allows remote malicious users to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.15
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.11
Mozilla Firefox 3.6.12
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.13
Mozilla Firefox 3.6.14
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.1.12
Mozilla Seamonkey 1.1.13
Mozilla Seamonkey 1.1.2
2 EDB exploits
NA
CVE-2011-2140
Adobe Flash Player prior to 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and prior to 10.3.186.3 on Android, and Adobe AIR prior to 2.7.1 on Windows and Mac OS X and prior to 2.7.1.1961 on Android, allows malicious users to execute arbitrary code or cause a denial of servi...
Adobe Flash Player 10.1.102.64
Adobe Flash Player 10.1.92.10
Adobe Flash Player 9.0.112.0
Adobe Flash Player 9.0.246.0
Adobe Flash Player 9.0.260.0
Adobe Flash Player 9.0.45.0
Adobe Flash Player 9.0.283.0
Adobe Flash Player 9.0.31.0
Adobe Flash Player 8.0.22.0
Adobe Flash Player 9.0.115.0
Adobe Flash Player 8.0.42.0
Adobe Flash Player 7.0.60.0
Adobe Flash Player 7.0.73.0
Adobe Flash Player 7.1.1
Adobe Flash Player 10.1.52.15
Adobe Flash Player 10.0.15.3
Adobe Flash Player 10.0.12.36
Adobe Flash Player 9.0.152.0
Adobe Flash Player 9.0.151.0
Adobe Flash Player 9.0.114.0
Adobe Flash Player 9.125.0
Adobe Flash Player 9.0.124.0
2 EDB exploits
NA
CVE-2012-4959
Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote malicious users to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.
Novell File Reporter 1.0.2
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »