craig vulnerabilities and exploits
NA
CVE-2007-5253
c32web.exe in McMurtrey/Whitaker Cart32 prior to 6.4 allows remote malicious users to read arbitrary files via the ImageName parameter in a GetImage action, by appending a NULL byte (%00) sequence followed by an image file extension, as demonstrated by a request for a ".txt%...
Mcmurtrey Whitaker And Associates Cart32
1 EDB exploit
NA
CVE-2007-1225
The connection log file implementation in Grok Developments NetProxy 4.03 does not record requests that omit http:// in a URL, which might allow remote malicious users to conduct unauthorized activities and avoid detection.
Grok Developments Netproxy 4.03
1 EDB exploit
NA
CVE-2004-1661
MailWorks Professional allows remote malicious users to bypass authentication and gain privileges via a cookie that contains "auth=1" and "uId=1."
Sitecubed Mailworks Professional
1 EDB exploit
NA
CVE-2012-1038
Cross-site scripting (XSS) vulnerability in the WebAAA login functionality (wba_login.html) in Juniper Networks Mobility System Software (MSS) 7.6.x prior to 7.6.3, 7.7.x prior to 7.7.1, 7.5.x prior to 7.5.3, and other unspecified versions prior to 7.4 and 7.3 allows remote malic...
Juniper Networks Mobility System Software 7.6
Juniper Networks Mobility System Software 7.5.1.6
Juniper Networks Mobility System Software 7.5
Juniper Networks Mobility System Software 7.7
Juniper Networks Mobility System Software 7.3
Juniper Networks Mobility System Software 7.4
1 EDB exploit
NA
CVE-2007-1224
Grok Developments NetProxy 4.03 allows remote malicious users to bypass URL filtering via a request that omits "http://" from the URL and specifies the destination port (:80).
Grok Developments Netproxy 4.03
1 EDB exploit
NA
CVE-2007-1250
SQL injection vulnerability in section/default.asp in ANGEL Learning Management Suite (LMS) 7.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Angel Learning Learning Management Suite 7.1
1 EDB exploit
NA
CVE-2014-2278
Unrestricted file upload vulnerability in op/op.AddFile2.php in SeedDMS (formerly LetoDMS and MyDMS) prior to 4.3.4 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension specified by the partitionIndex parameter and leveraging CV...
Seeddms Seeddms
NA
CVE-2014-2279
Multiple directory traversal vulnerabilities in SeedDMS (formerly LetoDMS and MyDMS) prior to 4.3.4 allow (1) remote authenticated users with access to the LogManagement functionality to read arbitrary files via a .. (dot dot) in the logname parameter to out/out.LogManagement.php...
Seeddms Seeddms
NA
CVE-2013-6226
Directory traversal vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) prior to 5.0.4 allows remote malicious users to read or delete arbitrary files via unspecified vectors.
Ajaxplorer Ajaxplorer 3.1.1
Ajaxplorer Ajaxplorer 2.5
Ajaxplorer Ajaxplorer 3.3.2
Ajaxplorer Ajaxplorer 3.0.1
Ajaxplorer Ajaxplorer 4.2.3
Ajaxplorer Ajaxplorer 4.0.4
Ajaxplorer Ajaxplorer 3.3.4
Ajaxplorer Ajaxplorer 5.0.1
Ajaxplorer Ajaxplorer 3.0
Ajaxplorer Ajaxplorer 2.7.2
Ajaxplorer Ajaxplorer 3.1
Ajaxplorer Ajaxplorer 3.2.3
Ajaxplorer Ajaxplorer 2.6.0
Ajaxplorer Ajaxplorer 2.5.4
Ajaxplorer Ajaxplorer 4.2.2
Ajaxplorer Ajaxplorer 2.3.3
Ajaxplorer Ajaxplorer 5.0.2
Ajaxplorer Ajaxplorer 3.2.1
Ajaxplorer Ajaxplorer 3.2.5
Ajaxplorer Ajaxplorer
Ajaxplorer Ajaxplorer 4.0.3
Ajaxplorer Ajaxplorer 2.3.4
NA
CVE-2014-2736
Multiple SQL injection vulnerabilities in MODX Revolution prior to 2.2.14 allow remote malicious users to execute arbitrary SQL commands via the (1) session ID (PHPSESSID) to index.php or remote authenticated users to execute arbitrary SQL commands via the (2) user parameter to c...
Modx Modx Revolution 2.0.0
Modx Modx Revolution 2.1.5
Modx Modx Revolution 2.2.0
Modx Modx Revolution 2.2.1
Modx Modx Revolution 2.2.10
Modx Modx Revolution 2.0.5
Modx Modx Revolution 2.0.6
Modx Modx Revolution 2.0.7
Modx Modx Revolution 2.0.8
Modx Modx Revolution 2.1.0
Modx Modx Revolution 2.2.3
Modx Modx Revolution 2.2.4
Modx Modx Revolution 2.2.5
Modx Modx Revolution 2.2.6
Modx Modx Revolution 2.0.4
Modx Modx Revolution 2.1.2
Modx Modx Revolution 2.1.4
Modx Modx Revolution 2.2.11
Modx Modx Revolution
Modx Modx Revolution 2.2.8
Modx Modx Revolution 2.0.1
Modx Modx Revolution 2.0.3