Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
trustwave.com vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2015-1503
Multiple directory traversal vulnerabilities in IceWarp Mail Server prior to 11.2 allow remote malicious users to read arbitrary files via a (1) .. (dot dot) in the file parameter to a webmail/client/skins/default/css/css.php page or .../. (dot dot dot slash dot) in the (2) scrip...
Icewarp Mail Server
1 EDB exploit
NA
CVE-2013-4620
Cross-site scripting (XSS) vulnerability in interface/main/onotes/office_comments_full.php in OpenEMR 4.1.1 allows remote malicious users to inject arbitrary web script or HTML via the note parameter.
Open-emr Openemr 4.1.1
1 EDB exploit
NA
CVE-2012-0782
Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) dbhost, (2) dbname, or (3) uname parameter. NOTE...
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.0.4
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 0.711
Wordpress Wordpress 3.1.4
Wordpress Wordpress 2.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 2.1.3
Wordpress Wordpress 3.0
Wordpress Wordpress 2.8
1 EDB exploit
8.1
CVSSv3
CVE-2013-4859
INSTEON Hub 2242-222 lacks Web and API authentication
Insteon Hub Firmware 2242-222
1 EDB exploit
6.3
CVSSv3
CVE-2013-4867
Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking
Ea Karotz Smart Rabbit Firmware 12.07.19.00
1 EDB exploit
NA
CVE-2013-4884
Cross-site scripting (XSS) vulnerability in McAfee SuperScan 4.0 allows remote malicious users to inject arbitrary web script or HTML via UTF-7 encoded sequences in a server response, which is not properly handled in the SuperScan HTML report.
Mcafee Superscan 4.0
1 EDB exploit
NA
CVE-2012-3951
The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and previous versions has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote malicious users to execute arbitrary SQL commands via a TCP sessi...
Sonicwall Scrutinizer
1 EDB exploit
NA
CVE-2011-4899
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions does not ensure that the specified MySQL database service is appropriate, which allows remote malicious users to configure an arbitrary database via the dbhost and dbname parameters, ...
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.0.4
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 0.711
Wordpress Wordpress 3.1.4
Wordpress Wordpress 2.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 2.1.3
Wordpress Wordpress 3.0
Wordpress Wordpress 2.8
1 EDB exploit
NA
CVE-2010-4507
Multiple cross-site request forgery (CSRF) vulnerabilities on the iSpot 2.0.0.0 R1679, and the ClearSpot 2.0.0.0 R1512 and R1786, with firmware 1.9.9.4 allow remote malicious users to hijack the authentication of administrators for requests that (1) execute arbitrary commands via...
Clear Ispot Firmware 1.9.9.4
Clear Ispot 2.0.0.0
Clear Clearspot Firmware 1.9.9.4
Clear Clearspot 2.0.0.0
1 EDB exploit
NA
CVE-2012-2626
cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) prior to 9.5.0 does not require token authentication, which allows remote malicious users to add administrative accounts via a userprefs action.
Sonicwall Scrutinizer
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »