Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
inject vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5137
Multiple direct static code injection vulnerabilities in Groupee UBB.threads 6.5.1.1 allow remote malicious users to (1) inject PHP code via a theme[] array parameter to admin/doedittheme.php, which is injected into includes/theme.inc.php; (2) inject PHP code via a config[] array...
Ubbcentral Ubb.threads 6.5.1.1
1 EDB exploit
6.1
CVSSv3
CVE-2023-22376
Reflected cross-site scripting vulnerability in Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G all versions allows a remote unauthenticated malicious user to inject arbitrary script to inject an arbitrary script. NOTE: This vulnerability only affects products that are no lo...
Planex Cs-wmv02g Firmware
NA
CVE-2015-5654
Cross-site scripting (XSS) vulnerability in Dojo Toolkit prior to 1.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Dojotoolkit Dojo
NA
CVE-2005-0673
Cross-site scripting (XSS) vulnerability in usercp_register.php for phpBB 2.0.13 allows remote malicious users to inject arbitrary web script or HTML by setting the (1) allowhtml, (2) allowbbcode, or (3) allowsmilies parameters to inject HTML into signatures for personal messages...
Phpbb Group Phpbb 2.0.13
4.9
CVSSv3
CVE-2020-9205
There has a CSV injection vulnerability in ManageOne 8.0.1. An attacker with common privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to in...
Huawei Manageone 8.0.1
NA
CVE-2007-0798
Multiple cross-site scripting (XSS) vulnerabilities in Ublog Reload 1.0.5 allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters to (1) login.asp; and allow remote authenticated users to inject arbitrary web script or HTML via unspecified p...
Uapplication Ublog Reload 1.0.5
NA
CVE-2009-1408
Cross-site scripting (XSS) vulnerability in webSPELL 4.2.0c allows remote malicious users to inject arbitrary web script or HTML allows remote malicious users to inject arbitrary web script or HTML via Javascript events such as onmouseover in nested BBcode tags, as demonstrated u...
Webspell Webspell 4.2.0c
1 EDB exploit
NA
CVE-2009-4115
Multiple static code injection vulnerabilities in the Categories module in CutePHP CuteNews 1.4.6 allow remote authenticated users with application administrative privileges to inject arbitrary PHP code into data/category.db.php via the (1) category and (2) Icon URL fields; or (3...
Cutephp Cutenews 1.4.6
1 EDB exploit
7.8
CVSSv3
CVE-2020-9200
There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. An attacker with common privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploi...
Huawei Imanager Neteco 6000 V600r021c00
7.5
CVSSv3
CVE-2020-36567
Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote malicious users to inject arbitrary log lines.
Gin-gonic Gin
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »