Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-8358
Directory traversal vulnerability in the bitrix.mpbuilder module prior to 1.0.12 for Bitrix allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the element name of the "work" array parameter to admin/bitrix.mpbuilder_step2.php...
Bitrix Mpbuilder
1 EDB exploit
NA
CVE-2015-83501
WordPress Calls to Action plugin version 2.4.3 suffers from a cross site scripting vulnerability.
NA
CVE-2015-7984
Multiple cross-site request forgery (CSRF) vulnerabilities in Horde prior to 5.2.8, Horde Groupware prior to 5.2.11, and Horde Groupware Webmail Edition prior to 5.2.11 allow remote malicious users to hijack the authentication of administrators for requests that execute arbitrary...
Horde Groupware
Horde Horde Application Framework
Debian Debian Linux 8.0
1 EDB exploit
NA
CVE-2015-79841
Horde Groupware version 5.2.10 suffers from a cross site request forgery vulnerability.
NA
CVE-2015-5534
Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall prior to 1.8 allow remote malicious users to hijack the authentication of administrators for requests that (1) put the website under maintenance via the maintenance_enable parameter or (2) conduct cross-site scr...
Oxwall Oxwall
1 EDB exploit
NA
CVE-2015-6545
Cross-site request forgery (CSRF) vulnerability in ajax.php in Cerb prior to 7.0.4 allows remote malicious users to hijack the authentication of administrators for requests that add an administrator account via a saveWorkerPeek action.
Webgroupmedia Cerb
1 EDB exploit
NA
CVE-2015-5535
Cross-site scripting (XSS) vulnerability in the qTranslate plugin 2.5.39 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the edit parameter in the qtranslate page to wp-admin/options-general.php.
Qtranslate Project Qtranslate
NA
CVE-2015-55321
WordPress Paid Memberships Pro plugin version 1.8.4.2 suffers from a cross site scripting vulnerability.
NA
CVE-2015-3897
Directory traversal vulnerability in Bonita BPM Portal prior to 6.5.3 allows remote malicious users to read arbitrary files via a .. (dot dot) in the theme parameter and a file path in the location parameter to bonita/portal/themeResource.
Bonitasoft Bonita Bpm Portal
1 EDB exploit
NA
CVE-2015-3422
Cross-site scripting (XSS) vulnerability in SearchBlox prior to 8.2.1 allows remote malicious users to inject arbitrary web script or HTML via the menu2 parameter to admin/main.jsp.
Searchblox Searchblox
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »