Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
messenger vulnerabilities and exploits
(subscribe to this query)
694
VMScore
CVE-2008-6797
The server in Mitel NuPoint Messenger R11 and R3 sends usernames and passwords in cleartext to Exchange servers, which allows remote malicious users to obtain sensitive information by sniffing the network.
Mitel Mitel Nupoint Messenger R3
Mitel Mitel Nupoint Messenger R11
605
VMScore
CVE-2021-45886
An issue exists in PONTON X/P Messenger prior to 3.11.2. Anti-CSRF tokens are globally valid, making the web application vulnerable to a weakened version of CSRF, where an arbitrary token of a low-privileged user (such as operator) can be used to confirm actions of higher-privile...
Ponton X\\/p Messenger 3.8.0
Ponton X\\/p Messenger 3.10.0
668
VMScore
CVE-2021-45887
An issue exists in PONTON X/P Messenger prior to 3.11.2. Due to path traversal in private/SchemaSetUpload.do for uploaded ZIP files, an executable script can be uploaded by web application administrators, giving the attacker remote code execution on the underlying server via an i...
Ponton X\\/p Messenger 3.8.0
Ponton X\\/p Messenger 3.10.0
312
VMScore
CVE-2021-45888
An issue exists in PONTON X/P Messenger prior to 3.11.2. The navigation tree that is shown on the left side of every page of the web application is vulnerable to XSS: it allows injection of JavaScript into its nodes. Creating such nodes is only possible for users who have the rol...
Ponton X\\/p Messenger 3.8.0
Ponton X\\/p Messenger 3.10.0
312
VMScore
CVE-2021-45889
An issue exists in PONTON X/P Messenger prior to 3.11.2. Several functions are vulnerable to reflected XSS, as demonstrated by private/index.jsp?partners/ShowNonLocalPartners.do?localID= or private/index.jsp or private/index.jsp?database/databaseTab.jsp or private/index.jsp?activ...
Ponton X\\/p Messenger 3.8.0
Ponton X\\/p Messenger 3.10.0
383
VMScore
CVE-2020-20093
The Facebook Messenger app for iOS 227.0 and prior and Android 228.1.0.10.116 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages.
Facebook Messenger
231
VMScore
CVE-2006-4975
Yahoo! Messenger for WAP permits saving messages that contain JavaScript, which allows user-assisted remote malicious users to inject arbitrary web script or HTML via a URL at the online service.
Yahoo Messenger
435
VMScore
CVE-2007-0768
Multiple cross-site scripting (XSS) vulnerabilities in the Contact Details functionality in Yahoo! Messenger 8.1.0.209 and previous versions allow user-assisted remote malicious users to inject arbitrary web script or HTML via a javascript: URI in the SRC attribute of an IMG elem...
Yahoo Messenger
1 EDB exploit
668
VMScore
CVE-2004-0043
Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and previous versions allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in the download feature.
Yahoo Messenger
NA
CVE-2022-41707
Relatedcode's Messenger version 7bcd20b allows an authenticated external malicious user to access sensitive data of any user of the application. This is possible because the application exposes user data to the public.
Relatedcode Messenger -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »