Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-5865
SQL injection vulnerability in dispatch.php in Achievo 1.4.5 allows remote authenticated users to execute arbitrary SQL commands via the activityid parameter in a stats action.
Achievo Achievo 1.4.5
1 EDB exploit
NA
CVE-2012-5874
Multiple SQL injection vulnerabilities in the (1) update_whosonline_reg and (2) update_whosonline_guest functions in Elite Bulletin Board prior to 2.1.22 allow remote malicious users to execute arbitrary SQL commands via the PATH_INFO to (a) checkuser.php, (b) groups.php, (c) ind...
Elite-board Elite Bulletin Board 2.1.0
Elite-board Elite Bulletin Board 2.1.2
Elite-board Elite Bulletin Board 2.1.7
Elite-board Elite Bulletin Board 2.1.9
Elite-board Elite Bulletin Board 2.1.16
Elite-board Elite Bulletin Board 2.1.18
Elite-board Elite Bulletin Board 2.0.0
Elite-board Elite Bulletin Board 2.0.1
Elite-board Elite Bulletin Board 2.0.2
Elite-board Elite Bulletin Board 2.1.11
Elite-board Elite Bulletin Board 2.1.12
Elite-board Elite Bulletin Board 2.1.13
Elite-board Elite Bulletin Board 2.1.14
Elite-board Elite Bulletin Board 2.1.3
Elite-board Elite Bulletin Board 2.1.4
Elite-board Elite Bulletin Board 2.1.5
Elite-board Elite Bulletin Board 2.1.6
Elite-board Elite Bulletin Board 2.1.20
Elite-board Elite Bulletin Board
Elite-board Elite Bulletin Board 2.0.3
Elite-board Elite Bulletin Board 2.1.1
Elite-board Elite Bulletin Board 2.1.8
1 EDB exploit
NA
CVE-2012-5876
Multiple off-by-one errors in NMMediaServerService.dll in Nero MediaHome 4.5.8.0 and previous versions allow remote malicious users to cause a denial of service (crash) via a long string in the (1) request line or (2) HTTP Referer header to TCP port 54444, which triggers a heap-b...
Nero Mediahome
1 EDB exploit
NA
CVE-2012-5877
Nero MediaHome 4.5.8.0 and previous versions allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via an HTTP header without a name.
Nero Mediahome
1 EDB exploit
NA
CVE-2014-2340
Cross-site request forgery (CSRF) vulnerability in the XCloner plugin prior to 3.1.1 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that create website backups via a request to wp-admin/plugins.php.
Xcloner Xcloner
Xcloner Xcloner 2.1.2
Xcloner Xcloner 3.0
Xcloner Xcloner 3.0.3
Xcloner Xcloner 3.0.1
Xcloner Xcloner 3.0.6
Xcloner Xcloner 3.0.8
Xcloner Xcloner 3.0.7
Xcloner Xcloner 3.0.5
Xcloner Xcloner 3.0.2
Xcloner Xcloner 3.0.4
Xcloner Xcloner 2.2.1
Xcloner Xcloner 2.1
1 EDB exploit
NA
CVE-2014-2579
Multiple cross-site request forgery (CSRF) vulnerabilities in XCloner Standalone 3.5 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) change the administrator password via the config task to index2.php or (2) ...
Xcloner Xcloner
1 EDB exploit
NA
CVE-2014-2987
Multiple cross-site request forgery (CSRF) vulnerabilities in EGroupware Enterprise Line (EPL) prior to 1.1.20140505, EGroupware Community Edition prior to 1.8.007.20140506, and EGroupware prior to 14.1 beta allow remote malicious users to hijack the authentication of administrat...
Egroupware Egroupware
1 EDB exploit
NA
CVE-2013-3294
Multiple SQL injection vulnerabilities in Exponent CMS prior to 2.2.0 release candidate 1 allow remote malicious users to execute arbitrary SQL commands via the (1) src or (2) username parameter to index.php.
Exponentcms Exponent Cms 2.1.0
Exponentcms Exponent Cms 2.1.1
Exponentcms Exponent Cms 2.0.0
Exponentcms Exponent Cms 0.99.0
Exponentcms Exponent Cms 2.0.6
Exponentcms Exponent Cms 2.0.7
Exponentcms Exponent Cms 2.1.4
Exponentcms Exponent Cms
Exponentcms Exponent Cms 2.0.3
Exponentcms Exponent Cms 2.0.8
Exponentcms Exponent Cms 2.0.9
Exponentcms Exponent Cms 2.0.2
Exponentcms Exponent Cms 2.0.1
Exponentcms Exponent Cms 2.0.4
Exponentcms Exponent Cms 2.0.5
Exponentcms Exponent Cms 2.1.2
Exponentcms Exponent Cms 2.1.3
Exponentcms Exponent Cms 0.98.0
Exponentcms Exponent Cms 0.97.0
1 EDB exploit
9.8
CVSSv3
CVE-2013-7137
The "remember me" functionality in login.php in Burden prior to 1.8.1 allows remote malicious users to bypass authentication and gain privileges by setting the burden_user_rememberme cookie to 1.
Burden Project Burden
1 EDB exploit
NA
CVE-2013-7139
SQL injection vulnerability in download.php in Horizon Quick Content Management System (QCMS) 4.0 and previous versions allows remote to execute arbitrary SQL commands via the category parameter.
Cynthia Fridsma Horizon Quick Content Management System
Cynthia Fridsma Horizon Quick Content Management System 3.2
Cynthia Fridsma Horizon Quick Content Management System 3.5.1
Cynthia Fridsma Horizon Quick Content Management System 3.3
Cynthia Fridsma Horizon Quick Content Management System 3.5.2
Cynthia Fridsma Horizon Quick Content Management System 3.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »