Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-5367
Multiple SQL injection vulnerabilities in OrangeHRM 2.7.1 RC 1 allow remote authenticated administrators to execute arbitrary SQL commands via the sortField parameter to (1) viewCustomers, (2) viewPayGrades, or (3) viewSystemUsers in symfony/web/index.php/admin/, as demonstrated ...
Orangehrm Orangehrm 2.7.1
1 EDB exploit
NA
CVE-2012-4336
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Flogr 2.5.6 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the PATH_INFO or (2) an arbitrary parameter.
Mike Carr Flogr 2.5.5
Mike Carr Flogr 2.5.4
Mike Carr Flogr 2.3.3
Mike Carr Flogr 2.5.3
Mike Carr Flogr 2.5.2
Mike Carr Flogr
Mike Carr Flogr 2.4
Mike Carr Flogr 2.3
Mike Carr Flogr 2.5.1
Mike Carr Flogr 2.5
1 EDB exploit
NA
CVE-2012-4231
Cross-site scripting (XSS) vulnerability in admin/index.php in jCore prior to 1.0pre2 allows remote malicious users to inject arbitrary web script or HTML via the path parameter.
Jcore Jcore
1 EDB exploit
NA
CVE-2010-1724
Multiple cross-site scripting (XSS) vulnerabilities in Zikula Application Framework 1.2.2, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the (1) func parameter to index.php, or the (2) lang parameter to index.php, which is not prope...
Zikula Zikula Application Framework 1.2.2
2 EDB exploits
NA
CVE-2013-2559
SQL injection vulnerability in Symphony CMS prior to 2.3.2 allows remote authenticated users to execute arbitrary SQL commands via the sort parameter to system/authors/. NOTE: this can be leveraged using CSRF to allow remote unauthenticated malicious users to execute arbitrary SQ...
Getsymphony Symphony 2.0.4
Getsymphony Symphony 2.0.5
Getsymphony Symphony 2.0.6
Getsymphony Symphony 2.0.7
Getsymphony Symphony 2.0
Getsymphony Symphony 2.0.3
Getsymphony Symphony
Getsymphony Symphony 2.3
Getsymphony Symphony 2.1.0
Getsymphony Symphony 2.1.1
1 EDB exploit
NA
CVE-2012-4034
Multiple SQL injection vulnerabilities in PBBoard 2.1.4 allow remote malicious users to execute arbitrary SQL commands via the (1) username parameter to the send page, (2) email parameter to the forget page, (3) password parameter to the forum_archive page, (4) section parameter ...
Pbboard Pbboard 2.1.4
1 EDB exploit
NA
CVE-2012-4035
The new_password page in PBBoard 2.1.4 allows remote malicious users to change the password of arbitrary user accounts via the member_id and new_password parameters to index.php.
Pbboard Pbboard 2.1.4
1 EDB exploit
NA
CVE-2012-4036
Unrestricted file upload vulnerability in admin.php in PBBoard 2.1.4 allows remote administrators to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the addons directory. NOTE: this vulnerability c...
Pbboard Pbboard 2.1.4
1 EDB exploit
NA
CVE-2013-1408
Multiple SQL injection vulnerabilities in the Wysija Newsletters plugin prior to 2.2.1 for WordPress allow remote authenticated administrators to execute arbitrary SQL commands via the (1) search or (2) orderby parameter to wp-admin/admin.php. NOTE: this can be leveraged using CS...
Wysija Newsletters Project Wysija Newsletters 2.1.4
Wysija Newsletters Project Wysija Newsletters 2.1.3
Wysija Newsletters Project Wysija Newsletters 2.0.7
Wysija Newsletters Project Wysija Newsletters 2.0.6
Wysija Newsletters Project Wysija Newsletters 2.1.8
Wysija Newsletters Project Wysija Newsletters 2.1.7
Wysija Newsletters Project Wysija Newsletters 2.1
Wysija Newsletters Project Wysija Newsletters 2.1.6
Wysija Newsletters Project Wysija Newsletters 2.1.5
Wysija Newsletters Project Wysija Newsletters 2.0.9
Wysija Newsletters Project Wysija Newsletters 2.0.8
Wysija Newsletters Project Wysija Newsletters 2.0
Wysija Newsletters Project Wysija Newsletters 2.0.9.5
Wysija Newsletters Project Wysija Newsletters 2.0.3
Wysija Newsletters Project Wysija Newsletters 2.0.2
Wysija Newsletters Project Wysija Newsletters 2.0.1
Wysija Newsletters Project Wysija Newsletters
Wysija Newsletters Project Wysija Newsletters 2.1.9
Wysija Newsletters Project Wysija Newsletters 2.1.2
Wysija Newsletters Project Wysija Newsletters 2.1.1
Wysija Newsletters Project Wysija Newsletters 2.0.5
Wysija Newsletters Project Wysija Newsletters 2.0.4
1 EDB exploit
NA
CVE-2011-5213
Multiple SQL injection vulnerabilities in BrowserCRM 5.100.01 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) login[username] parameter to index.php, (2) parent_id parameter to modules/Documents/version_list.php, or (3) contact_id ...
Browsercrm Browsercrm 5.001.00
Browsercrm Browsercrm 5.000.01
Browsercrm Browsercrm 4.624.60
Browsercrm Browsercrm 4.624.50
Browsercrm Browsercrm 4.616.00
Browsercrm Browsercrm 4.615.11
Browsercrm Browsercrm 4.615.10
Browsercrm Browsercrm 4.604.01
Browsercrm Browsercrm 5.000.00
Browsercrm Browsercrm 4.999.20
Browsercrm Browsercrm 4.624.01
Browsercrm Browsercrm 4.624.00
Browsercrm Browsercrm 4.614.00
Browsercrm Browsercrm 4.612.00
Browsercrm Browsercrm
Browsercrm Browsercrm 4.691.01
Browsercrm Browsercrm 4.624.90
Browsercrm Browsercrm 4.622.00
Browsercrm Browsercrm 4.620.01
Browsercrm Browsercrm 4.611.01
Browsercrm Browsercrm 4.610.00
Browsercrm Browsercrm 5.100.00
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »