Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
october vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-37692
An arbitrary file upload vulnerability in October CMS v3.4.4 allows malicious users to execute arbitrary code via a crafted file.
Octobercms October 3.4.4
NA
CVE-2023-25365
Cross Site Scripting vulnerability found in October CMS v.3.2.0 allows local malicious user to execute arbitrary code via the file type .mp3
Octobercms October 3.2.0
655
VMScore
CVE-2017-1000119
October CMS build 412 is vulnerable to PHP code execution in the file upload functionality resulting in site compromise and possibly other applications on the server.
Octobercms October 1.0.412
1 EDB exploit
355
VMScore
CVE-2017-15284
Cross-Site Scripting exists in OctoberCMS 1.0.425 (aka Build 425), allowing a least privileged user to upload an SVG file containing malicious code as the Avatar for the profile. When this is opened by the Admin, it causes JavaScript execution in the context of the Admin account.
Octobercms October 1.0.425
1 EDB exploit
685
VMScore
CVE-2017-16244
Cross-Site Request Forgery exists in OctoberCMS 1.0.426 (aka Build 426) due to improper validation of CSRF tokens for postback handling, allowing an malicious user to successfully take over the victim's account. The attack bypasses a protection mechanism involving X-CSRF hea...
Octobercms October 1.0.426
1 EDB exploit
1000
VMScore
CVE-2017-7494
Samba since version 3.5.0 and prior to 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
Samba Samba
Debian Debian Linux 8.0
2 EDB exploits
2 Nmap scripts
129 Github repositories
3 Articles
890
VMScore
CVE-2013-3195
The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly allocate ...
Microsoft Windows Server 2008
Microsoft Windows Rt -
Microsoft Windows Xp -
Microsoft Windows 8 -
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2012 -
1 Article
435
VMScore
CVE-2018-10366
An issue exists in the Users (aka Front-end user management) plugin 1.4.5 for October CMS. XSS exists in the name field.
User Project User 1.4.5
1 EDB exploit
828
VMScore
CVE-2019-1331
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1327.
Microsoft Office 2013
Microsoft Office 2016
Microsoft Office 2019
Microsoft Office 365 Proplus -
Microsoft Office Online Server
Microsoft Excel 2016
Microsoft Excel 2013
Microsoft Excel 2010
Microsoft Office 2010
Microsoft Excel Services -
1 Article
828
VMScore
CVE-2009-2496
Heap-based buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Accelerati...
Microsoft Office Web Components Xp
Microsoft Office Web Components 2003
Microsoft Visual Studio .net 2003
Microsoft Office -
Microsoft Internet Security And Acceleration Server 2004
Microsoft Office 2003
Microsoft Office Xp
Microsoft Office Web Components 2000
Microsoft Internet Security And Acceleration Server 2006
Microsoft Biztalk Server 2002
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »