Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cvs vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2005-4455
cleanhtml.pl 1.129 in LiveJournal CVS before Dec 13 2005 allows remote malicious users to inject scripting languages via the XSL namespace in XML, via vectors such as customview.cgi.
Livejournal Livejournal
383
VMScore
CVE-2020-2184
A cross-site request forgery vulnerability in Jenkins CVS Plugin 2.15 and previous versions allows malicious users to create and manipulate tags, and to connect to an attacker-specified URL.
Jenkins Current Versions Systems
383
VMScore
CVE-2004-1544
Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki 2.1.120-cvs and previous versions allows remote malicious users to execute arbitrary web script as other users via the query parameter.
Jspwiki Jspwiki 2.1.120
Jspwiki Jspwiki 2.1.121
Jspwiki Jspwiki 2.1.122
187
VMScore
CVE-2020-5283
ViewVC prior to 1.1.28 and 1.2.1 has a XSS vulnerability in CVS show_subdir_lastmod support. The impact of this vulnerability is mitigated by the need for an malicious user to have commit privileges to a CVS repository exposed by an otherwise trusted ViewVC instance that also has...
Viewvc Viewvc
445
VMScore
CVE-2004-1426
Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs and previous versions allows remote malicious users to read arbitrary files and execute arbitrary PHP files via .. (dot dot) sequences in the lng parameter.
Korweblog Korweblog 1.6.1
Korweblog Korweblog 1.6.2cvs
756
VMScore
CVE-2020-4689
IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote privileged attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-ForceID: 186696.
Ibm Security Guardium 11.2
409
VMScore
CVE-2004-0913
Unknown vulnerability in ecartis 0.x prior to 0.129a+1.0.0-snap20020514-1.3 and 1.x prior to 1.0.0+cvs.20030911-8 allows attackers in the same domain to gain administrator privileges and modify configuration.
Ecartis Ecartis 0.129a
Ecartis Ecartis 1.0.0 Snapshot 2002-01-21
Ecartis Ecartis 1.0.0 Snapshot 2003-03-12
Ecartis Ecartis 1.0.0 Snapshot 2003-03-18
Ecartis Ecartis 1.0.0 Snapshot 2002-01-25
Ecartis Ecartis 1.0.0 Snapshot 2002-04-27
Ecartis Ecartis 1.0.0 Snapshot 2003-04-16
Ecartis Ecartis 1.0.0 Snapshot 2003-04-17
Ecartis Ecartis 1.0.0 Snapshot 2002-05-14
Ecartis Ecartis 1.0.0 Snapshot 2002-10-13
Ecartis Ecartis 1.0.0 Snapshot 2003-02-27
Ecartis Ecartis 1.0.0 Snapshot 2003-03-03
Ecartis Ecartis 1.0.0 Snapshot 2003-03-09
605
VMScore
CVE-2002-1681
Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1 2002 allows remote malicious users to execute arbitrary script as other users by injecting script into the paragraph <P> tag.
Open Source Development Network Slashcode 2.2.2
Open Source Development Network Slashcode 2.2.3
Open Source Development Network Slashcode 2.2.4
Open Source Development Network Slashcode 2.2.5
Open Source Development Network Slashcode 2.2.1
641
VMScore
CVE-2003-1161
exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function.
Linux Linux Kernel 2.6 Test9 Cvs
294
VMScore
CVE-2009-3304
GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite arbitrary files via a symlink attack on authorized_keys files in users' home directories, related to deb-specific/ssh_dump_update.pl and cronjobs/cvs-cron/ssh_create.php.
Gforge Gforge 4.5.14
Gforge Gforge 4.8.2
Gforge Gforge 4.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »