Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-6430
Cross-site scripting (XSS) vulnerability in Open Solution Quick.Cms 5.0 and Quick.Cart 6.0, possibly as downloaded before December 19, 2012, allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to admin.php. NOTE: this might be a duplicate of CVE...
Opensolution Quick Cms 5.0
Opensolution Quick Cart 6.0
1 EDB exploit
NA
CVE-2012-4989
Cross-site scripting (XSS) vulnerability in admin/plugin-index.php in OpenX 2.8.10 before revision 81823 allows remote malicious users to inject arbitrary web script or HTML via the parent parameter in an info action.
Openx Openx 2.8.10
1 EDB exploit
NA
CVE-2011-1670
Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra Blog Machine 1.84, and possibly earlier versions, allows remote malicious users to inject arbitrary web script or HTML via the subject parameter to post_url/edit.
A.kulikov Interra Blog Machine 1.84
2 EDB exploits
NA
CVE-2013-7097
Directory traversal vulnerability in 7 Media Web Solutions eduTrac prior to 1.1.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in the showmask parameter to installer/overview.php.
7mediaws Edutrac 1.0.3
7mediaws Edutrac 1.0.2
7mediaws Edutrac
7mediaws Edutrac 1.0.9
7mediaws Edutrac 1.0.8
7mediaws Edutrac 1.0.6
7mediaws Edutrac 1.0.4
7mediaws Edutrac 1.0.1
7mediaws Edutrac 1.0.0
7mediaws Edutrac 1.0.7
7mediaws Edutrac 1.0.5
1 EDB exploit
7.2
CVSSv3
CVE-2013-2267
PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote malicious users to execute arbitrary code on the system.
Fudforum Fudforum 3.0.4
1 EDB exploit
NA
CVE-2013-3639
Multiple cross-site scripting (XSS) vulnerabilities in Xaraya 2.4.0-b1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) id, (2) interface, (3) name, or (4) tabmodule parameter to index.php.
Xaraya Xaraya
1 EDB exploit
NA
CVE-2012-6429
Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies prior to 2.5.1.12123_2_7 allows remote malicious users to execute arbitrary code via a long string to the password argument.
Samsung Kies
1 EDB exploit
NA
CVE-2012-4234
Cross-site scripting (XSS) vulnerability in the group moderation screen in the control center (control.php) in Phorum prior to 5.2.19 allows remote malicious users to inject arbitrary web script or HTML via the group parameter.
Phorum Phorum
Phorum Phorum 5.2.10
Phorum Phorum 5.2.12
Phorum Phorum 5.2.15
Phorum Phorum 5.2.14
Phorum Phorum 5.2
Phorum Phorum 5.2.13
Phorum Phorum 5.2.16
Phorum Phorum 5.2.1
Phorum Phorum 5.2.11
1 EDB exploit
8.1
CVSSv3
CVE-2014-1632
htdocs/setup/index.php in Eventum prior to 2.3.5 allows remote malicious users to inject and execute arbitrary PHP code via the hostname parameter.
Eventum Project Eventum
1 EDB exploit
NA
CVE-2011-0772
Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, and possibly other versions prior to 2.2.2, allow remote malicious users to inject arbitrary web script or HTML via the (1) color parameter to includes/blogroll.php or (2) src parameter to includes/timwrapper.ph...
Pivotx Pivotx 2.1.1
Pivotx Pivotx 2.1.0
Pivotx Pivotx 2.2.1
Pivotx Pivotx 2.2.0
Pivotx Pivotx 2.1.2
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »