Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ali vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2015-6008
install.php in Web Reference Database (aka refbase) up to and including 0.9.6 allows remote malicious users to execute arbitrary commands via the adminPassword parameter, a different issue than CVE-2015-7381.
Refbase Refbase
1 EDB exploit
383
VMScore
CVE-2018-17964
Aryanic HighPortal 12.5 has XSS via an Add Tags action.
Aryanic Highportal 12.5
685
VMScore
CVE-2008-6572
SQL injection vulnerability in search_results.php in ABK-Soft AbleDating 2.4 allows remote malicious users to execute arbitrary SQL commands via the keyword parameter.
Abledating Abledating 2.4
1 EDB exploit
801
VMScore
CVE-2018-7567
In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0.0 up to and including 5.0.24 and 6.0.0 up to and including 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall ...
Otrs Otrs 6.0.0
Otrs Otrs 6.0.1
Otrs Otrs
668
VMScore
CVE-2018-18399
SQL injection vulnerability in the "ContentPlaceHolder1_uxTitle" component in ArchiveNews.aspx in jco.ir KARMA 6.0.0 allows a remote malicious user to execute arbitrary SQL commands via the "id" parameter.
Jco Karma 6.0.0
755
VMScore
CVE-2008-4599
SQL injection vulnerability in category.php in Mosaic Commerce allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Mosaic Commerce Mosaic Commerce
1 EDB exploit
755
VMScore
CVE-2012-4993
torrent_functions.php in RivetTracker 1.03 and previous versions does not properly restrict access, which allows remote malicious users to have an unspecified impact.
Rivetcode Rivettracker
1 EDB exploit
755
VMScore
CVE-2014-3934
SQL injection vulnerability in the Submit_News module for PHP-Nuke 8.3 allows remote malicious users to execute arbitrary SQL commands via the topics[] parameter to modules.php.
Phpnuke Php-nuke 8.3
Phpnuke Submit News Module -
1 EDB exploit
435
VMScore
CVE-2008-6439
Cross-site scripting (XSS) vulnerability in search_results.php in ABK-Soft AbleDating 2.4 allows remote malicious users to inject arbitrary web script or HTML via the keyword parameter.
Abledating Abledating 2.4
1 EDB exploit
855
VMScore
CVE-2008-2478
scripts/wwwacct in cPanel 11.18.6 STABLE and previous versions and 11.23.1 CURRENT and previous versions allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field (aka Email text box). NOTE: the vendor...
Cpanel Cpanel
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »