Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerability-lab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4280
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/agenteditor.php in Free Realty 3.1-0.6 allow remote malicious users to hijack the authentication of administrators for requests that (1) add an agent via an addagent action or (2) modify an agent.
Rwcinc Free Realty 3.1-0.6
1 EDB exploit
NA
CVE-2012-2938
Multiple cross-site scripting (XSS) vulnerabilities in Travelon Express 6.2.2 allow remote malicious users to inject arbitrary web script or HTML via the holiday name field to (1) holiday_add.php or (2) holiday_view.php.
Itechscripts Travelon Express 6.2.2
1 EDB exploit
NA
CVE-2013-1471
Multiple cross-site scripting (XSS) vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail prior to 4.3.4 on FortiMail Identity-Based Encryption (IBE) appliances allow user-assisted remote malicious users to inject arbitrary web script or HTML via (1) the Add field for the B...
Fortinet Fortimail 3.0
Fortinet Fortimail 4.0
Fortinet Fortimail
1 EDB exploit
NA
CVE-2012-2908
Multiple SQL injection vulnerabilities in admin/bbcodes.php in Viscacha 0.8.1.1 allow remote malicious users to execute arbitrary SQL commands via the (1) bbcodeexample, (2) buttonimage, or (3) bbcodetag parameter.
Viscacha Viscacha 0.8.1.1
1 EDB exploit
NA
CVE-2012-2939
Multiple unrestricted file upload vulnerabilities in Travelon Express 6.2.2 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension using (1) airline-edit.php, (2) hotel-image-add.php, or (3) hotel-add.php.
Itechscripts Travelon Express 6.2.2
1 EDB exploit
NA
CVE-2012-2909
Multiple cross-site scripting (XSS) vulnerabilities in Viscacha 0.8.1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) text field in the Private Messages System, (2) Bad Word field in Zensur, or (3) Portal or (4) Topic field in Kommentar.
Viscacha Viscacha 0.8.1.1
1 EDB exploit
NA
CVE-2010-4980
SQL injection vulnerability in packagedetails.php in iScripts ReserveLogic 1.0 allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Iscripts Reservelogic 1.0
2 EDB exploits
NA
CVE-2012-1226
Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote malicious users to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the (1) file parameter to document.php or (2) backtopage parameter in a create action to comm/ac...
Dolibarr Dolibarr Erp\\/crm 3.2.0
2 EDB exploits
8.8
CVSSv3
CVE-2019-14422
An issue exists in in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel workbooks, which could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. A tsvncmd:command:diff?path:[file1]?pa...
Tortoisesvn Tortoisesvn 1.12.1
1 EDB exploit
6.1
CVSSv3
CVE-2017-15374
Shopware v5.2.5 - v5.3 is vulnerable to cross site scripting in the customer and order section of the content management system backend modules. Remote attackers are able to inject malicious script code into the firstname, lastname, or order input fields to provoke persistent exe...
Shopware Shopware 5.2.22
Shopware Shopware 5.2.21
Shopware Shopware 5.2.13
Shopware Shopware 5.2.12
Shopware Shopware 5.2.5
Shopware Shopware 5.3.0
Shopware Shopware 5.2.27
Shopware Shopware 5.2.20
Shopware Shopware 5.2.19
Shopware Shopware 5.2.18
Shopware Shopware 5.2.11
Shopware Shopware 5.2.10
Shopware Shopware 5.2.26
Shopware Shopware 5.2.25
Shopware Shopware 5.2.17
Shopware Shopware 5.2.16
Shopware Shopware 5.2.9
Shopware Shopware 5.2.8
Shopware Shopware 5.2.24
Shopware Shopware 5.2.23
Shopware Shopware 5.2.15
Shopware Shopware 5.2.14
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »