Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mustlive vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2012-3351
Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player up to and including 5.10.2295 allow remote malicious users to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javas...
Longtailvideo Jw Player
1 EDB exploit
NA
CVE-2012-4842
Open redirect vulnerability in the web server in IBM Lotus Domino 8.5.x up to and including 8.5.3 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Ibm Lotus Domino 8.5.1.2
Ibm Lotus Domino 8.5.1
Ibm Lotus Domino 8.5.2.4
Ibm Lotus Domino 8.5.3.0
Ibm Lotus Domino 8.5.1.3
Ibm Lotus Domino 8.5.0
Ibm Lotus Domino 8.5.2.2
Ibm Lotus Domino 8.5.2.1
Ibm Lotus Domino 8.5.0.1
Ibm Lotus Domino 8.5.1.5
Ibm Lotus Domino 8.5.2.0
Ibm Lotus Domino 8.5.2.3
Ibm Lotus Domino 8.5.1.1
Ibm Lotus Domino 8.5.1.4
NA
CVE-2012-4844
Cross-site scripting (XSS) vulnerability in the web server in IBM Lotus Domino 8.5.x up to and including 8.5.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Lotus Domino 8.5.1.4
Ibm Lotus Domino 8.5.0
Ibm Lotus Domino 8.5.1.3
Ibm Lotus Domino 8.5.1.2
Ibm Lotus Domino 8.5.2.2
Ibm Lotus Domino 8.5.2.4
Ibm Lotus Domino 8.5.0.1
Ibm Lotus Domino 8.5.1.5
Ibm Lotus Domino 8.5.1.1
Ibm Lotus Domino 8.5.2.3
Ibm Lotus Domino 8.5.1
Ibm Lotus Domino 8.5.2.1
Ibm Lotus Domino 8.5.3.0
Ibm Lotus Domino 8.5.2.0
NA
CVE-2010-4836
Cross-site scripting (XSS) vulnerability in register.html in PHPShop 2.1 EE and previous versions allows remote malicious users to inject arbitrary web script or HTML via the name_new parameter.
Phpshop Phpshop
1 EDB exploit
NA
CVE-2010-4867
Directory traversal vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the bn parameter.
W-agora W-agora 4.0.3
W-agora W-agora 4.1.0
W-agora W-agora 4.1.7
W-agora W-agora
W-agora W-agora 4.2.0
W-agora W-agora 4.1.1
W-agora W-agora 4.1.2
W-agora W-agora 4.1.3
W-agora W-agora 4.0.2
W-agora W-agora 4.0.2a
W-agora W-agora 4.1.6
W-agora W-agora 4.1.6a
W-agora W-agora 4.0.0
W-agora W-agora 4.0.1
W-agora W-agora 4.1.4
W-agora W-agora 4.1.5
1 EDB exploit
NA
CVE-2010-4868
Cross-site scripting (XSS) vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the bn parameter.
W-agora W-agora 4.0.3
W-agora W-agora 4.1.0
W-agora W-agora 4.1.6a
W-agora W-agora 4.1.7
W-agora W-agora
W-agora W-agora 4.2.0
W-agora W-agora 4.1.1
W-agora W-agora 4.1.2
W-agora W-agora 4.0.2
W-agora W-agora 4.0.2a
W-agora W-agora 4.1.5
W-agora W-agora 4.1.6
W-agora W-agora 4.0.0
W-agora W-agora 4.0.1
W-agora W-agora 4.1.3
W-agora W-agora 4.1.4
1 EDB exploit
NA
CVE-2012-6550
Cross-site scripting (XSS) vulnerability in ZeroClipboard prior to 1.1.4 allows remote malicious users to inject arbitrary web script or HTML via "the clipText returned from the flash object," a different vulnerability than CVE-2013-1808.
Zeroclipboard Project Zeroclipboard
Zeroclipboard Project Zeroclipboard 1.0.5
1 EDB exploit
NA
CVE-2010-4899
SQL injection vulnerability in c.php in CMS WebManager-Pro prior to 8.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Webmanager-pro Cms Webmanager-pro
1 EDB exploit
NA
CVE-2012-3414
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and previous versions, as used in WordPress prior to 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote malicious users to inject arbitrary web script or HTML via the movieName paramet...
Wordpress Wordpress 3.0.1
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.1.2
Wordpress Wordpress 3.1.3
Swfupload Project Swfupload 1.0.2
Swfupload Project Swfupload 2.0.2
Wordpress Wordpress 3.0.3
Wordpress Wordpress 3.0.4
Wordpress Wordpress 3.1.4
Wordpress Wordpress 3.2
Swfupload Project Swfupload 2.1.0
Wordpress Wordpress 3.0.5
Wordpress Wordpress 3.0.6
Wordpress Wordpress 3.2.1
Wordpress Wordpress 3.3
Swfupload Project Swfupload 2.2.0
Swfupload Project Swfupload
Wordpress Wordpress -
Wordpress Wordpress 3.0
Wordpress Wordpress 3.1
Wordpress Wordpress 3.1.1
Wordpress Wordpress
1 EDB exploit
2 Github repositories
1 Article
NA
CVE-2013-1942
Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer prior to 2.2.20, as used in ownCloud Server prior to 5.0.4 and other products, allow remote malicious users to inject arbitrary web script or HTML vi...
Happyworm Jplayer 2.1.6
Happyworm Jplayer 2.1.0
Happyworm Jplayer 2.0.7
Happyworm Jplayer 2.0.8
Happyworm Jplayer 2.0.16
Happyworm Jplayer 2.0.17
Happyworm Jplayer 2.0.24
Happyworm Jplayer 2.0.25
Happyworm Jplayer 2.0.32
Happyworm Jplayer 2.0.33
Happyworm Jplayer 2.1.4
Happyworm Jplayer 2.1.5
Happyworm Jplayer 2.0.5
Happyworm Jplayer 2.0.6
Happyworm Jplayer 2.0.13
Happyworm Jplayer 2.0.14
Happyworm Jplayer 2.0.15
Happyworm Jplayer 2.0.22
Happyworm Jplayer 2.0.23
Happyworm Jplayer 2.0.30
Happyworm Jplayer 2.0.31
Happyworm Jplayer 1.1.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4