Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knowledge vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-3882
SQL injection vulnerability in answer.php in FAQSystems FAQRing Knowledge Base Software 3.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Faqsystems Faqring Knowledge Base Software
1 EDB exploit
5.4
CVSSv2
CVE-2014-7418
The BBC Knowledge Magazine (aka com.magzter.bbcknowledge) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Magzter Bbc Knowledge Magazine 3.01
7.5
CVSSv2
CVE-2014-9186
A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to accepting an arbitrary file into the function, and potential information disclosure or remote code execution...
Honeywell Experion Process Knowledge System
7.5
CVSSv2
CVE-2014-9187
Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules, which could lead to possible remote code execution or denial of service. Honeywell strongly en...
Honeywell Experion Process Knowledge System
10
CVSSv2
CVE-2014-9189
Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial o...
Honeywell Experion Process Knowledge System
4.3
CVSSv2
CVE-2008-5264
Cross-site scripting (XSS) vulnerability in searcher.exe in Tornado Knowledge Retrieval System 4.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the p parameter in a root action.
Tornado Tornado Knowledge Retrieval System
1 EDB exploit
7.5
CVSSv2
CVE-2014-5435
An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommen...
Honeywell Experion Process Knowledge System
5
CVSSv2
CVE-2014-5436
A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to possible information disclosure. Honeywell strongly encourages and recommends all customers running uns...
Honeywell Experion Process Knowledge System
5.1
CVSSv2
CVE-2006-4844
PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and previous versions, as used in Dokeos and possibly other products, allows remote malicious users to execute arbitrary PHP code via a URL in the extAuthSource[newUser] parameter.
Claroline Claroline 1.5.3
Claroline Claroline 1.5.4
Claroline Claroline 1.7.3
Claroline Claroline 1.7.4
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4 P1
Claroline Claroline 1.2
Claroline Claroline 1.3
Claroline Claroline 1.6 Rc1
Claroline Claroline 1.6
Claroline Claroline 1.6 Beta
Claroline Claroline 1.7.5
Claroline Claroline 1.7.6
Dokeos Open Source Learning And Knowledge Management Tool 1.6.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6 Rc2
Claroline Claroline 1.7
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Claroline Claroline
Claroline Claroline 1.4
Claroline Claroline 1.5
1 EDB exploit
4.3
CVSSv2
CVE-2022-26616
PKP Vendor Open Journal System v2.4.8 to v3.3.8 allows malicious users to perform reflected cross-site scripting (XSS) attacks via crafted HTTP headers.
Public Knowledge Project Open Journal Systems
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »