Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
script security vulnerabilities and exploits
(subscribe to this query)
645
VMScore
CVE-2008-6473
_blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote malicious users to change the password for arbitrary users via a modified "a" parameter with a "%" wildcard symbol in the b parameter.
Blogator-script Blogator-script 0.95
1 EDB exploit
384
VMScore
CVE-2014-4664
Cross-site scripting (XSS) vulnerability in the Wordfence Security plugin prior to 5.1.4 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the whoisval parameter on the WordfenceWhois page to wp-admin/admin.php.
Wordfence Security Project Wordfence Security 5.1.2
Wordfence Security Project Wordfence Security 5.1.1
Wordfence Security Project Wordfence Security 5.0.3
Wordfence Security Project Wordfence Security 5.0.2
Wordfence Security Project Wordfence Security 5.0.7
Wordfence Security Project Wordfence Security 5.0.6
Wordfence Security Project Wordfence Security 5.0.9
Wordfence Security Project Wordfence Security 5.0.8
Wordfence Security Project Wordfence Security 5.0.1
Wordfence Security Project Wordfence Security 5.0.5
Wordfence Security Project Wordfence Security 5.0.4
2 Github repositories
755
VMScore
CVE-2008-6225
SQL injection vulnerability in info.php in Mole Group Airline Ticket Sale Script allows remote malicious users to execute arbitrary SQL commands via the flight parameter. NOTE: the vendor has disputed this issue, stating "crazy hackers and so named Security companies [spread...
Mole-group Airline Ticket Sale Script -
1 EDB exploit
775
VMScore
CVE-2006-3271
Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow remote malicious users to execute SQL commands via the (1) country and (2) sort_by parameters in (a) search_results.php; (3) browse parameter in (b) featured_photos.php; (4) cid parameter in (c) products.php, (d) ...
Softbiz Dating Script 1.0
5 EDB exploits
383
VMScore
CVE-2012-4263
Cross-site scripting (XSS) vulnerability in inc/admin/content.php in the Better WP Security (better_wp_security) plugin prior to 3.2.5 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the HTTP_USER_AGENT header.
Bit51 Better-wp-security 3.2.1
Bit51 Better-wp-security 3.2
Bit51 Better-wp-security 3.0.7
Bit51 Better-wp-security 3.0.6
Bit51 Better-wp-security 2.18
Bit51 Better-wp-security 2.17
Bit51 Better-wp-security 2.9
Bit51 Better-wp-security 2.8
Bit51 Better-wp-security 2.1
Bit51 Better-wp-security 2.0
Bit51 Better-wp-security 1.4
Bit51 Better-wp-security 1.3
Bit51 Better-wp-security 0.11
Bit51 Better-wp-security 0.10
Bit51 Better-wp-security 0.3
Bit51 Better-wp-security 0.2
Bit51 Better-wp-security -
Bit51 Better-wp-security
Bit51 Better-wp-security 3.2.3
Bit51 Better-wp-security 3.2.2
Bit51 Better-wp-security 3.0.9
Bit51 Better-wp-security 3.0.8
383
VMScore
CVE-2012-4264
Multiple cross-site scripting (XSS) vulnerabilities in the Better WP Security (better_wp_security) plugin prior to 3.2.5 for WordPress allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to "server variables," a different ...
Bit51 Better-wp-security 3.2.3
Bit51 Better-wp-security 3.2.1
Bit51 Better-wp-security 3.1
Bit51 Better-wp-security 3.0.8
Bit51 Better-wp-security 3.0.6
Bit51 Better-wp-security 2.18
Bit51 Better-wp-security 2.16
Bit51 Better-wp-security 2.11
Bit51 Better-wp-security 2.9
Bit51 Better-wp-security 2.7
Bit51 Better-wp-security 2.2
Bit51 Better-wp-security 2.0
Bit51 Better-wp-security 1.4
Bit51 Better-wp-security 1.2
Bit51 Better-wp-security 0.14
Bit51 Better-wp-security 0.11
Bit51 Better-wp-security 0.9
Bit51 Better-wp-security 0.4
Bit51 Better-wp-security 0.2
Bit51 Better-wp-security -
Bit51 Better-wp-security 3.0.12
Bit51 Better-wp-security 3.0.11
668
VMScore
CVE-2003-1171
Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 up to and including 1.7.1 in Apache 2 allows remote malicious users to execute arbitrary code via a server side script that sends a large amount of data.
Mod Security Mod Security 1.7
Mod Security Mod Security 1.7.1
383
VMScore
CVE-2013-3487
Multiple cross-site scripting (XSS) vulnerabilities in the security log in the BulletProof Security plugin before .49 for WordPress allow remote malicious users to inject arbitrary web script or HTML via unspecified HTML header fields to (1) 400.php, (2) 403.php, or (3) 403.php.
Ait-pro Bulletproof-security .48.2
Ait-pro Bulletproof-security .48.1
Ait-pro Bulletproof-security .47.4
Ait-pro Bulletproof-security .47.3
Ait-pro Bulletproof-security .46.6
Ait-pro Bulletproof-security .46.5
Ait-pro Bulletproof-security .46.4
Ait-pro Bulletproof-security .45.7
Ait-pro Bulletproof-security .45.6
Ait-pro Bulletproof-security
Ait-pro Bulletproof-security .48.8
Ait-pro Bulletproof-security .48.7
Ait-pro Bulletproof-security .48
Ait-pro Bulletproof-security .47.9
Ait-pro Bulletproof-security .47.2
Ait-pro Bulletproof-security .47.1
Ait-pro Bulletproof-security .46.3
Ait-pro Bulletproof-security .46.2
Ait-pro Bulletproof-security .45.5
Ait-pro Bulletproof-security .45.4
Ait-pro Bulletproof-security .48.4
Ait-pro Bulletproof-security .48.3
383
VMScore
CVE-2007-0563
Multiple cross-site scripting (XSS) vulnerabilities in Symantec Web Security (SWS) prior to 3.0.1.85 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to (1) error messages and (2) blocked page messages produced by SWS.
Symantec Web Security 3.01.67
Symantec Web Security 3.01.68
Symantec Web Security 3.01.61
Symantec Web Security 3.01.62
Symantec Web Security 3.01.63
Symantec Web Security 3.0.1.72
Symantec Web Security 3.01.59
Symantec Web Security 3.01.60
383
VMScore
CVE-2014-7958
Cross-site scripting (XSS) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the dbhost parameter.
Ait-pro Bulletproof Security .50.4
Ait-pro Bulletproof Security .50.3
Ait-pro Bulletproof Security .44.1
Ait-pro Bulletproof Security .44
Ait-pro Bulletproof Security .49.3
Ait-pro Bulletproof Security .49.2
Ait-pro Bulletproof Security .48.5
Ait-pro Bulletproof Security .48.4
Ait-pro Bulletproof Security .47.7
Ait-pro Bulletproof Security .47.6
Ait-pro Bulletproof Security .47.5
Ait-pro Bulletproof Security .46.8
Ait-pro Bulletproof Security .46.7
Ait-pro Bulletproof Security .46
Ait-pro Bulletproof Security .45.9
Ait-pro Bulletproof Security .50.6
Ait-pro Bulletproof Security .50.5
Ait-pro Bulletproof Security .45.1
Ait-pro Bulletproof Security .45
Ait-pro Bulletproof Security .49.5
Ait-pro Bulletproof Security .49.4
Ait-pro Bulletproof Security .48.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »