Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dsecrg vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2009-1554
Cross-site scripting (XSS) vulnerability in ThemeServlet.java in Sun Woodstock 4.2, as used in Sun GlassFish Enterprise Server and other products, allows remote malicious users to inject arbitrary web script or HTML via a UTF-7 string in the PATH_INFO, which is displayed on the 4...
Sun Woodstock 4.2
1 EDB exploit
435
VMScore
CVE-2008-2496
Multiple cross-site scripting (XSS) vulnerabilities in Quate CMS 0.3.4 allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) login.php, and (3) credits.php in admin/, and (4) upgrade/index.php.
Quate Quate Cms 0.3.4
1 EDB exploit
945
VMScore
CVE-2008-5518
Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 up to and including 2.1.3 on Windows allow remote malicious users to upload files to arbitrary directories via directory traversal sequences in the (1) group, ...
Apache Geronimo 2.1
Apache Geronimo 2.1.2
Apache Geronimo 2.1.3
Apache Geronimo 2.1.1
1 EDB exploit
785
VMScore
CVE-2008-0513
Directory traversal vulnerability in parser/include/class.cache_phpcms.php in phpCMS 1.2.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter to parser/parser.php, as demonstrated by a filename ending with %00.gif, a different vector th...
Phpcms Phpcms 1.2.2
1 EDB exploit
685
VMScore
CVE-2008-3365
Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on Windows, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language_full parameter.
Pixelpost Pixelpost 1.7.1
1 EDB exploit
755
VMScore
CVE-2008-3384
Multiple directory traversal vulnerabilities in help/help.php in Interact Learning Community Environment Interact 2.4.1 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) module and (2) file parameters.
Cce-interact Interact 2.4.1
1 EDB exploit
435
VMScore
CVE-2008-3404
Cross-site scripting (XSS) vulnerability in guestbook.js.php in MJGuest 6.8 GT allows remote malicious users to inject arbitrary web script or HTML via the link parameter.
Mdsjack Mjguest 6.8
1 EDB exploit
505
VMScore
CVE-2008-1145
Directory traversal vulnerability in WEBrick in Ruby 1.8 prior to 1.8.5-p115 and 1.8.6-p114, and 1.9 up to and including 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote malicious users to access arbitrary f...
Ruby-lang Webrick -
Fedoraproject Fedora 8
Fedoraproject Fedora 7
1 EDB exploit
435
VMScore
CVE-2008-0359
Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1b allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) admin.php or (2) index.php in photo/.
Blog Cms Blog Cms 4.2.1 C
1 EDB exploit
755
VMScore
CVE-2008-0360
Multiple SQL injection vulnerabilities in BLOG:CMS 4.2.1b allow remote malicious users to execute arbitrary SQL commands via (1) the blogid parameter to index.php, (2) the user parameter to action.php, or (3) the field parameter to admin/plugins/table/index.php.
Blog Cms Blog Cms 4.2.1 C
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »