Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
trustwave.com vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2012-1259
Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions prior to 9.0.1.19899, allow remote malicious users to execute arbitrary SQL commands via the (1) addip parameter to cgi-bin/scrut_fa_ex...
Plixer Scrutinizer Netflow \\& Sflow Analyzer
1 EDB exploit
4.3
CVSSv2
CVE-2012-1260
Cross-site scripting (XSS) vulnerability in cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions prior to 9.0.1.19899, allows remote malicious users to inject arbitrary web script or HTML via the newUser p...
Plixer Scrutinizer Netflow \\& Sflow Analyzer
1 EDB exploit
7.5
CVSSv2
CVE-2014-1204
SQL injection vulnerability in Tableau Server 8.0.x prior to 8.0.7 and 8.1.x prior to 8.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be exploited by unauthenticated remote attackers if the guest user is enabled.
Tableausoftware Tableau Server 8.0.2
Tableausoftware Tableau Server 8.0.3
Tableausoftware Tableau Server 8.0.6
Tableausoftware Tableau Server 8.1
Tableausoftware Tableau Server 8.0.4
Tableausoftware Tableau Server 8.0.5
Tableausoftware Tableau Server 8.0
Tableausoftware Tableau Server 8.0.1
Tableausoftware Tableau Server 8.1.1
1 EDB exploit
4.3
CVSSv2
CVE-2012-0782
Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) dbhost, (2) dbname, or (3) uname parameter. NOTE...
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.0.4
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 0.711
Wordpress Wordpress 3.1.4
Wordpress Wordpress 2.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 2.1.3
Wordpress Wordpress 3.0
Wordpress Wordpress 2.8
1 EDB exploit
5
CVSSv2
CVE-2011-4898
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote malicious users to co...
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.0.4
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 0.711
Wordpress Wordpress 3.1.4
Wordpress Wordpress 2.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 2.1.3
Wordpress Wordpress 3.0
Wordpress Wordpress 2.8
1 EDB exploit
4
CVSSv2
CVE-2013-4861
Directory traversal vulnerability in cgi-bin/cmh/get_file.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote authenticated users to read arbirary files via a .. (dot dot) in the filename parameter.
Micasaverde Veralite Firmware 1.5.408
1 EDB exploit
4.3
CVSSv2
CVE-2013-4865
Cross-site request forgery (CSRF) vulnerability in upgrade_step2.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote malicious users to hijack the authentication of users for requests that install arbitrary firmware via the squashfs parameter.
Micasaverde Veralite Firmware 1.5.408
1 EDB exploit
6.2
CVSSv2
CVE-2013-4867
Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking
Ea Karotz Smart Rabbit Firmware 12.07.19.00
1 EDB exploit
4.3
CVSSv2
CVE-2013-4884
Cross-site scripting (XSS) vulnerability in McAfee SuperScan 4.0 allows remote malicious users to inject arbitrary web script or HTML via UTF-7 encoded sequences in a server response, which is not properly handled in the SuperScan HTML report.
Mcafee Superscan 4.0
1 EDB exploit
9.3
CVSSv2
CVE-2013-4859
INSTEON Hub 2242-222 lacks Web and API authentication
Insteon Hub Firmware 2242-222
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »