Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
disclosure management vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-4724
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote malicious users to obtain potentially sensitive informatio...
Ddsn Cm3 Acora Content Management System 6.0.2\\/1a
Ddsn Cm3 Acora Content Management System 5.5.7\\/12b
Ddsn Cm3 Acora Content Management System 5.5.0\\/1b-p1
Ddsn Cm3 Acora Content Management System 6.0.6\\/1a
5
CVSSv2
CVE-2013-4725
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not set the secure flag for an unspecified cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmis...
Ddsn Cm3 Acora Content Management System 6.0.6\\/1a
Ddsn Cm3 Acora Content Management System 5.5.7\\/12b
Ddsn Cm3 Acora Content Management System 6.0.2\\/1a
Ddsn Cm3 Acora Content Management System 5.5.0\\/1b-p1
6.8
CVSSv2
CVE-2013-4726
Cross-site request forgery (CSRF) vulnerability in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Ddsn Cm3 Acora Content Management System 5.5.0\\/1b-p1
Ddsn Cm3 Acora Content Management System 6.0.2\\/1a
Ddsn Cm3 Acora Content Management System 5.5.7\\/12b
Ddsn Cm3 Acora Content Management System 6.0.6\\/1a
5
CVSSv2
CVE-2013-4728
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote malicious users to obtain sensitive information via a .. (dot dot) in the "l" parameter, which reveals the installation path in an error message.
Ddsn Cm3 Acora Content Management System 5.5.0\\/1b-p1
Ddsn Cm3 Acora Content Management System 6.0.2\\/1a
Ddsn Cm3 Acora Content Management System 6.0.6\\/1a
Ddsn Cm3 Acora Content Management System 5.5.7\\/12b
5
CVSSv2
CVE-2013-1631
Verax NMS before 2.1.0 leaks connection details when any user executes a Repair Table action
Veraxsystems Network Management System
4
CVSSv2
CVE-2017-5672
Kony Enterprise Mobile Management (EMM) prior to 4.2.5.2 has the vulnerability of disclosing the private key in clear-text when changing the parameters of the request.
Kony Enterprise Mobile Management
5
CVSSv2
CVE-2010-4112
HP Insight Management Agents prior to 8.6 allows remote malicious users to obtain sensitive information via an unspecified request that triggers disclosure of the full path.
Hp Insight Management Agents
Hp Insight Management Agents 7.70.0.0
Hp Insight Management Agents 8.15.0.0
Hp Insight Management Agents 8.11.0.0
Hp Insight Management Agents 7.60.0.0
Hp Insight Management Agents 7.51.0.0
Hp Insight Management Agents 7.10.0.0
Hp Insight Management Agents 7.0.0.0
Hp Insight Management Agents 8.20.0.0
Hp Insight Management Agents 8.22.0.0
Hp Insight Management Agents 7.90.0.0
Hp Insight Management Agents 7.80.0.0
Hp Insight Management Agents 7.30.0.0
Hp Insight Management Agents 7.20.0.0
Hp Insight Management Agents 8.1.0.0
Hp Insight Management Agents 8.50.0.0
Hp Insight Management Agents 8.10.0.0
Hp Insight Management Agents 8.0.0.0
Hp Insight Management Agents 7.50.0.0
Hp Insight Management Agents 7.41.0.0
Hp Insight Management Agents 6.40.0.0
Hp Insight Management Agents 6.31.0.0
4
CVSSv2
CVE-2017-6673
A vulnerability in Cisco Firepower Management Center could allow an authenticated, remote malicious user to obtain user information. An attacker could use this information to perform reconnaissance. More Information: CSCvc10894. Known Affected Releases: 6.1.0.2 6.2.0. Known Fixed...
Cisco Firepower Management Center 6.1.0.2
Cisco Firepower Management Center 6.2.0
5
CVSSv2
CVE-2008-6493
Easy Content Management Publishing stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for Database/News.mdb.
Easy-news Easy Content Management Publishing -
1 EDB exploit
5
CVSSv2
CVE-2007-6400
Directory traversal vulnerability in download_file.php in PolDoc CMS (aka PDDMS) 0.96 allows remote malicious users to read arbitrary files via a .. (dot dot) or absolute pathname in the filename parameter.
Poldoc Poldoc Document Management System 0.96
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »