Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
liquidworm vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2014-5100
Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka prior to 2.2.1 allow remote malicious users to hijack the authentication of administrators for requests that (1) add a new super user account via a request to admin/users/add, (2) insert cross-site scripting (XSS...
Omeka Omeka
1 EDB exploit
5
CVSSv2
CVE-2006-2758
Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote malicious users to read arbitrary files via a %2e%2e%5c (encoded ../) in the URL. NOTE: this might be the same issue as CVE-2005-3747.
Jetty Jetty 6.0
1 EDB exploit
4.3
CVSSv2
CVE-2015-1058
Multiple cross-site scripting (XSS) vulnerabilities in AdaptCMS 3.0.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) data[Category][title] parameter to admin/categories/add, (2) data[Field][title] parameter to admin/fields/ajax_fields/, (3) name p...
Insanevisions Adaptcms 3.0.3
1 EDB exploit
5.8
CVSSv2
CVE-2015-1060
Open redirect vulnerability in lib/Cake/Controller/Controller.php in AdaptCMS 3.0.3 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header.
Insanevisions Adaptcms 3.0.3
1 EDB exploit
7.2
CVSSv2
CVE-2014-5453
Ubisoft Uplay PC prior to 4.6.1.3217 use weak permissions (Everyone: Full Control) for the program installation directory (%PROGRAMFILES%\Ubisoft Game Launcher), which allows local users to gain privileges via a Trojan horse file.
Ubi Uplay Pc
Ubi Uplay Pc 4.5.2.3010
1 EDB exploit
6.5
CVSSv2
CVE-2015-7904
Unrestricted file upload vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x prior to 2.6.0 build 430 allows remote authenticated users to execute arbitrary JSP code via vectors involving an upload of an image file.
Infinite Automation Systems Mango Automation 2.5.5
Infinite Automation Systems Mango Automation 2.5.0
Infinite Automation Systems Mango Automation 2.6.0
1 EDB exploit
4.3
CVSSv2
CVE-2012-3836
Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko prior to 1.2.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) groupname parameter in a savecategory in the users module; (2) virtual_filename, (3) branch, (4) contact_person, (5) st...
Babygekko Baby Gekko 1.1.3
Babygekko Baby Gekko 1.1.1
Babygekko Baby Gekko 0.98
Babygekko Baby Gekko 0.90
Babygekko Baby Gekko 1.1.0
Babygekko Baby Gekko 1.0.1
Babygekko Baby Gekko 1.0.0
Babygekko Baby Gekko 0.99
Babygekko Baby Gekko 1.1.4
Babygekko Baby Gekko 1.1.2
Babygekko Baby Gekko 0.91
Babygekko Baby Gekko
1 EDB exploit
4.3
CVSSv2
CVE-2012-3837
Multiple cross-site scripting (XSS) vulnerabilities in apps/users/registration.template.php in Baby Gekko 1.2.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) username, (2) email_address, (3) password, (4) password_verify, (5...
Babygekko Baby Gekko 0.90
Babygekko Baby Gekko 1.1.5
Babygekko Baby Gekko
Babygekko Baby Gekko 1.0.0
Babygekko Baby Gekko 0.98
Babygekko Baby Gekko 1.1.3
Babygekko Baby Gekko 1.1.2
Babygekko Baby Gekko 1.1.1
Babygekko Baby Gekko 1.1.0
Babygekko Baby Gekko 1.1.4
Babygekko Baby Gekko 1.0.1
Babygekko Baby Gekko 0.99
Babygekko Baby Gekko 0.91
1 EDB exploit
5
CVSSv2
CVE-2012-3838
Gekko prior to 1.2.0 allows remote malicious users to obtain the installation path via a direct request to (1) admin/templates/babygekko/index.php or (2) templates/html5demo/index.php.
Babygekko Baby Gekko 1.0.0
Babygekko Baby Gekko 0.99
Babygekko Baby Gekko 0.98
Babygekko Baby Gekko 0.91
Babygekko Baby Gekko 1.1.1
Babygekko Baby Gekko 1.0.1
Babygekko Baby Gekko 0.90
Babygekko Baby Gekko 1.1.4
Babygekko Baby Gekko 1.1.3
Babygekko Baby Gekko 1.1.2
Babygekko Baby Gekko 1.1.0
Babygekko Baby Gekko
1 EDB exploit
10
CVSSv2
CVE-2016-1606
Multiple stack-based buffer overflows in COM objects in Micro Focus Rumba 9.4.x prior to 9.4 HF 13960 allow remote malicious users to execute arbitrary code via (1) the NetworkName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, (2) the CPName property value t...
Microfocus Rumba 9.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »