Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-3232
Cross-site scripting (XSS) vulnerability in search.php in web@all 2.0, as downloaded before May 30, 2012, allows remote malicious users to inject arbitrary web script or HTML via the _text[title] parameter.
Webatall Web\\@all 2.0
1 EDB exploit
NA
CVE-2012-4034
Multiple SQL injection vulnerabilities in PBBoard 2.1.4 allow remote malicious users to execute arbitrary SQL commands via the (1) username parameter to the send page, (2) email parameter to the forget page, (3) password parameter to the forum_archive page, (4) section parameter ...
Pbboard Pbboard 2.1.4
1 EDB exploit
NA
CVE-2012-4036
Unrestricted file upload vulnerability in admin.php in PBBoard 2.1.4 allows remote administrators to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the addons directory. NOTE: this vulnerability c...
Pbboard Pbboard 2.1.4
1 EDB exploit
NA
CVE-2011-5213
Multiple SQL injection vulnerabilities in BrowserCRM 5.100.01 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) login[username] parameter to index.php, (2) parent_id parameter to modules/Documents/version_list.php, or (3) contact_id ...
Browsercrm Browsercrm 5.001.00
Browsercrm Browsercrm 5.000.01
Browsercrm Browsercrm 4.624.60
Browsercrm Browsercrm 4.624.50
Browsercrm Browsercrm 4.616.00
Browsercrm Browsercrm 4.615.11
Browsercrm Browsercrm 4.615.10
Browsercrm Browsercrm 4.604.01
Browsercrm Browsercrm 5.000.00
Browsercrm Browsercrm 4.999.20
Browsercrm Browsercrm 4.624.01
Browsercrm Browsercrm 4.624.00
Browsercrm Browsercrm 4.614.00
Browsercrm Browsercrm 4.612.00
Browsercrm Browsercrm
Browsercrm Browsercrm 4.691.01
Browsercrm Browsercrm 4.624.90
Browsercrm Browsercrm 4.622.00
Browsercrm Browsercrm 4.620.01
Browsercrm Browsercrm 4.611.01
Browsercrm Browsercrm 4.610.00
Browsercrm Browsercrm 5.100.00
2 EDB exploits
NA
CVE-2013-4759
Multiple cross-site scripting (XSS) vulnerabilities in the Magnolia Form module 1.x prior to 1.4.7 and 2.x prior to 2.0.2 for Magnolia CMS allow remote malicious users to inject arbitrary web script or HTML via the (1) username, (2) fullname, or (3) email parameter to magnoliaPub...
Magnolia-cms Magnolia Form Module 1.4.5
Magnolia-cms Magnolia Form Module 1.4.6
Magnolia-cms Magnolia Form Module 2.0
Magnolia-cms Magnolia Form Module 2.0.1
Magnolia-cms Magnolia Form Module 1.4
Magnolia-cms Magnolia Form Module 1.4.1
Magnolia-cms Magnolia Form Module 1.4.2
Magnolia-cms Magnolia Form Module 1.4.3
Magnolia-cms Magnolia Form Module 1.4.4
1 EDB exploit
8.1
CVSSv3
CVE-2014-1632
htdocs/setup/index.php in Eventum prior to 2.3.5 allows remote malicious users to inject and execute arbitrary PHP code via the hostname parameter.
Eventum Project Eventum
1 EDB exploit
NA
CVE-2012-3233
Cross-site scripting (XSS) vulnerability in __swift/thirdparty/PHPExcel/PHPExcel/Shared/JAMA/docs/download.php in Kayako Fusion 4.40.1148, and possibly prior to 4.50.1581, allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Kayako Fusion 4.40.1148
1 EDB exploit
NA
CVE-2010-1724
Multiple cross-site scripting (XSS) vulnerabilities in Zikula Application Framework 1.2.2, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the (1) func parameter to index.php, or the (2) lang parameter to index.php, which is not prope...
Zikula Zikula Application Framework 1.2.2
2 EDB exploits
6.1
CVSSv3
CVE-2012-2517
Cross-site scripting (XSS) vulnerability in PrestaShop prior to 1.4.9 allows remote malicious users to inject arbitrary web script or HTML via the index of the product[] parameter to ajax.php.
Prestashop Prestashop
1 EDB exploit
NA
CVE-2013-1409
Cross-site scripting (XSS) vulnerability in the CommentLuv plugin prior to 2.92.4 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the _ajax_nonce parameter to wp-admin/admin-ajax.php.
Commentluv Commentluv 2.90.9.9
Commentluv Commentluv 2.90.9.8
Commentluv Commentluv 2.90.9.7
Commentluv Commentluv 2.90.9.6
Commentluv Commentluv 2.90.3
Commentluv Commentluv 2.90.1
Commentluv Commentluv 2.81.8
Commentluv Commentluv 2.81.7
Commentluv Commentluv 2.765
Commentluv Commentluv 2.764
Commentluv Commentluv
Commentluv Commentluv 2.91
Commentluv Commentluv 2.90.9.9.2
Commentluv Commentluv 2.90.9.4
Commentluv Commentluv 2.90.9.2
Commentluv Commentluv 2.90.7
Commentluv Commentluv 2.90.5
Commentluv Commentluv 2.81.6
Commentluv Commentluv 2.81.4
Commentluv Commentluv 2.769
Commentluv Commentluv 2.767
Commentluv Commentluv 2.76
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »