Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
click project click - vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2005-0752
The Plugin Finder Service (PFS) in Firefox prior to 1.0.3 allows remote malicious users to execute arbitrary code via a javascript: URL in the PLUGINSPAGE attribute of an EMBED tag.
Mozilla Firefox 0.9
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Firefox 0.10.1
Mozilla Firefox 0.8
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0.2
Mozilla Firefox 0.10
Mozilla Firefox 1.0
605
VMScore
CVE-2021-25965
In Calibre-web, versions 0.6.0 to 0.6.13 are vulnerable to Cross-Site Request Forgery (CSRF). By luring an authenticated user to click on a link, an attacker can create a new user role with admin privileges and attacker-controlled credentials, allowing them to take over the appli...
Calibre-web Project Calibre-web
605
VMScore
CVE-2019-17590
The csrf_callback function in the CSRF Magic library through 2016-03-27 is vulnerable to CSRF protection bypass as it allows one to tamper with the csrf token values. A remote attacker can exploit this by crafting a malicious page and dispersing it to a victim via social engineer...
Csrf Magic Project Csrf Magic
605
VMScore
CVE-2008-5506
Mozilla Firefox 3.x prior to 3.0.5 and 2.x prior to 2.0.0.19, Thunderbird 2.x prior to 2.0.0.19, and SeaMonkey 1.x prior to 1.1.14 allows remote malicious users to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-controlled resource t...
Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
Debian Debian Linux 4.0
Debian Debian Linux 5.0
605
VMScore
CVE-2008-5512
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x prior to 3.0.5 and 2.x prior to 2.0.0.19, Thunderbird 2.x prior to 2.0.0.19, and SeaMonkey 1.x prior to 1.1.14 allow remote malicious users to run arbitrary JavaScript with chrome privileges via unknown vectors in which ...
Mozilla Seamonkey
Mozilla Firefox
Mozilla Thunderbird
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
Debian Debian Linux 5.0
Debian Debian Linux 4.0
605
VMScore
CVE-2008-2803
The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox prior to 2.0.0.15, Thunderbird 2.0.0.14 and previous versions, and SeaMonkey prior to 1.1.10 does not apply XPCNativeWrappers to scripts loaded from (1) file: URIs, (2) data: URIs, or (3) certain non-canonical chrom...
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.1
Mozilla Firefox 2.0.0.4
Mozilla Firefox 2.0.0.5
Mozilla Seamonkey 1.1.4
Mozilla Seamonkey 1.1.5
Mozilla Thunderbird 2.0.0.12
Mozilla Thunderbird 2.0.0.13
Mozilla Thunderbird 2.0.0.9
Mozilla Firefox
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0.0.3
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 1.1.3
Mozilla Thunderbird 2.0.0.1
Mozilla Thunderbird 2.0.0.11
Mozilla Thunderbird 2.0.0.6
Mozilla Thunderbird 2.0.0.8
Mozilla Firefox 2.0.0.10
Mozilla Firefox 2.0.0.11
Mozilla Firefox 2.0.0.6
605
VMScore
CVE-2008-2810
Mozilla Firefox prior to 2.0.0.15 and SeaMonkey prior to 1.1.10 do not properly identify the context of Windows shortcut files, which allows user-assisted remote malicious users to bypass the Same Origin Policy via a crafted web site for which the user has previously saved a shor...
Mozilla Firefox 2.0.0.12
Mozilla Firefox 2.0.0.13
Mozilla Firefox 2.0.0.8
Mozilla Firefox 2.0.0.9
Mozilla Seamonkey 1.1.8
Mozilla Firefox
Mozilla Firefox 2.0.0.10
Mozilla Firefox 2.0.0.11
Mozilla Firefox 2.0.0.6
Mozilla Firefox 2.0.0.7
Mozilla Seamonkey 1.1.6
Mozilla Seamonkey 1.1.7
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.1
Mozilla Firefox 2.0.0.4
Mozilla Firefox 2.0.0.5
Mozilla Seamonkey 1.1.4
Mozilla Seamonkey 1.1.5
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0.0.3
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.2
570
VMScore
CVE-2006-2781
Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird prior to 1.5.0.4 and SeaMonkey prior to 1.0.2 allows remote malicious users to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters.
Mozilla Thunderbird
Mozilla Seamonkey
534
VMScore
CVE-2008-5507
Mozilla Firefox 3.x prior to 3.0.5 and 2.x prior to 2.0.0.19, Thunderbird 2.x prior to 2.0.0.19, and SeaMonkey 1.x prior to 1.1.14 allow remote malicious users to bypass the same origin policy and access portions of data from another domain via a JavaScript URL that redirects to ...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Debian Debian Linux 4.0
Debian Debian Linux 5.0
516
VMScore
CVE-2022-1791
The One Click Plugin Updater WordPress plugin up to and including 2.4.14 does not have CSRF check in place when updating its settings, which could allow malicious users to make a logged in admin change them via a CSRF attack and disable / hide the badge of the available updates a...
One Click Plugin Updater Project One Click Plugin Updater
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »