Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerability-lab vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2012-2909
Multiple cross-site scripting (XSS) vulnerabilities in Viscacha 0.8.1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) text field in the Private Messages System, (2) Bad Word field in Zensur, or (3) Portal or (4) Topic field in Kommentar.
Viscacha Viscacha 0.8.1.1
1 EDB exploit
4.3
CVSSv2
CVE-2012-2938
Multiple cross-site scripting (XSS) vulnerabilities in Travelon Express 6.2.2 allow remote malicious users to inject arbitrary web script or HTML via the holiday name field to (1) holiday_add.php or (2) holiday_view.php.
Itechscripts Travelon Express 6.2.2
1 EDB exploit
6.8
CVSSv2
CVE-2012-6508
Multiple cross-site request forgery (CSRF) vulnerabilities in NetArt Media Car Portal 3.0 allow remote malicious users to hijack the authentication of administrators for requests that (1) change arbitrary user passwords via a nouveau action in the security module to cars/ADMIN/in...
Netartmedia Car Portal 3.0
1 EDB exploit
7.5
CVSSv2
CVE-2012-6509
Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 allows remote malicious users to execute arbitrary PHP code by uploading a file a double extension, as demonstrated by .php%00.jpg.
Netartmedia Car Portal 3.0
1 EDB exploit
4.3
CVSSv2
CVE-2012-6510
Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media Car Portal 3.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) PWRS or (2) Description field when posting a new vehicle; (3) news title when creating news; (4) Name when creating a...
Netartmedia Car Portal 3.0
1 EDB exploit
6.8
CVSSv2
CVE-2012-6518
Cross-site request forgery (CSRF) vulnerability in mod.php in DiY-CMS 1.0 allows remote malicious users to hijack the authentication of administrators for requests that create a poll via an add action to the poll module.
Diy-cms Diy-cms 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2010-4980
SQL injection vulnerability in packagedetails.php in iScripts ReserveLogic 1.0 allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Iscripts Reservelogic 1.0
2 EDB exploits
6.8
CVSSv2
CVE-2019-14422
An issue exists in in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel workbooks, which could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. A tsvncmd:command:diff?path:[file1]?pa...
Tortoisesvn Tortoisesvn 1.12.1
1 EDB exploit
7.5
CVSSv2
CVE-2012-1226
Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote malicious users to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the (1) file parameter to document.php or (2) backtopage parameter in a create action to comm/ac...
Dolibarr Dolibarr Erp\\/crm 3.2.0
2 EDB exploits
3.5
CVSSv2
CVE-2017-13754
Cross-site scripting (XSS) vulnerability in the "advanced settings - time server" module in Wibu-Systems CodeMeter prior to 6.50b allows remote malicious users to inject arbitrary web script or HTML via the "server name" field in actions/ChangeConfiguration.ht...
Wibu Codemeter
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »