Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-2948
A-CART 2.0 stores the acart2_0.mdb file under the web document root with insufficient access control, which allows remote malicious users to obtain username and password information.
Alan Ward A-cart
7.5
CVSSv2
CVE-2007-5786
Multiple PHP remote file inclusion vulnerabilities in GoSamba 1.0.1 allow remote malicious users to execute arbitrary PHP code via a URL in the include_path parameter to (1) HTML_oben.php, (2) inc_freigabe.php, (3) inc_freigabe1.php, or (4) inc_freigabe3.php in include/; (5) inc_...
A-enterprise Gosamba 1.0.1
1 EDB exploit
3.5
CVSSv2
CVE-2015-5181
The JBoss console in A-MQ allows remote malicious users to execute arbitrary JavaScript.
Redhat Jboss A-mq
4.6
CVSSv2
CVE-2001-0370
fcheck before 2.57.59 calls the file signature checking program insecurely, which can allow a local user to run arbitrary commands via a file name that contains shell metacharacters.
Michael A. Gumienny Fcheck
5
CVSSv2
CVE-2018-19440
ARM Trusted Firmware-A allows information disclosure.
Arm Trusted Firmware-a
NA
CVE-2023-36494
Audit logs on F5OS-A may contain undisclosed sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 F5os-a 1.4.0
4.3
CVSSv2
CVE-2019-6034
a-blog cms versions prior to Ver.2.10.23 (Ver.2.10.x), Ver.2.9.26 (Ver.2.9.x), and Ver.2.8.64 (Ver.2.8.x) allows arbitrary scripts to be executed in the context of the application due to unspecified vectors.
Appleple A-blog Cms
4.3
CVSSv2
CVE-2009-2292
Cross-site scripting (XSS) vulnerability in Appleple a-News 2.32 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Appleple A-news 2.32
6.8
CVSSv2
CVE-2019-5618
A-PDF WAV to MP3 version 1.0.0 suffers from an instance of CWE-121: Stack-based Buffer Overflow.
A-pdf Wav To Mp3 1.0.0
7.5
CVSSv2
CVE-2017-10898
SQL injection vulnerability in the A-Member and A-Member for MT cloud versions 3.8.6 and previous versions allows an malicious user to execute arbitrary SQL commands via unspecified vectors.
Ark-web A-member
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »