Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
egix vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2011-4558
Tiki 8.2 and previous versions allows remote administrators to execute arbitrary PHP code via crafted input to the regexres and regex parameters.
Tiki Tiki
1 EDB exploit
578
VMScore
CVE-2015-6497
The create function in app/code/core/Mage/Catalog/Model/Product/Api/V2.php in Magento Community Edition (CE) prior to 1.9.2.1 and Enterprise Edition (EE) prior to 1.14.2.1, when used with PHP prior to 5.4.24 or 5.5.8, allows remote authenticated users to execute arbitrary PHP cod...
Magento Magento
668
VMScore
CVE-2019-18662
An issue exists in YouPHPTube up to and including 7.7. User input passed through the live_stream_code POST parameter to /plugin/LiveChat/getChat.json.php is not properly sanitized (in getFromChat in plugin/LiveChat/Objects/LiveChatObj.php) before being used to construct a SQL que...
Youphptube Youphptube
760
VMScore
CVE-2012-0694
SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allows remote malicious users to execute arbitrary PHP code.
Sugarcrm Sugarcrm
2 EDB exploits
356
VMScore
CVE-2019-17271
vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList or ajax/api/widget/getWidgetList where parameter.
Vbulletin Vbulletin
685
VMScore
CVE-2019-17132
vBulletin up to and including 5.5.4 mishandles custom avatars.
Vbulletin Vbulletin
1 EDB exploit
668
VMScore
CVE-2014-3990
The Cart::getProducts method in system/library/cart.php in OpenCart 1.5.6.4 and previous versions allows remote malicious users to conduct server-side request forgery (SSRF) attacks or possibly conduct XML External Entity (XXE) attacks and execute arbitrary code via a crafted ser...
Opencart Opencart
516
VMScore
CVE-2018-2699
Vulnerability in the Application Express component of Oracle Database Server. The supported version that is affected is before 5.1.4.00.08. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Application Express. Successful ...
Oracle Application Express
383
VMScore
CVE-2015-7711
Cross-site scripting (XSS) vulnerability in popuphelp.php in ATutor 2.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the h parameter.
Atutor Atutor
801
VMScore
CVE-2016-5313
Symantec Web Gateway (SWG) prior to 5.2.5 allows remote authenticated users to execute arbitrary OS commands.
Symantec Web Gateway
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »