Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
campaign vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-3497
SQL injection vulnerability in process_signup.php in PHP Handicapper allows remote malicious users to execute arbitrary SQL commands via the serviceid parameter. NOTE: on 20060210, the vendor disputed this issue, saying "this is 100% false reporting, this is a slander campai...
Phphandicapper Php Handicapper
6.8
CVSSv2
CVE-2013-5954
Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.11 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that delete (1) users via admin/agency-user-unlink.php, (2) advertisers via admin/advertiser-d...
Revive-adserver Revive Adserver
Openx Openx 2.8.1
Openx Openx 2.8.10
Openx Openx 2.8.8
Openx Openx 2.8.7
Openx Openx 2.8.3
Openx Openx 2.8.4
Openx Openx 2.8.9
Openx Openx
Openx Openx 2.8.2
Openx Openx 2.8.6
Openx Openx 2.8
Openx Openx 2.8.5
1 EDB exploit
4.3
CVSSv2
CVE-2019-11198
Multiple cross-site scripting (XSS) vulnerabilities in Sitecore CMS 9.0.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) #300583 - List Manager Dashboard module, (2) #307638 - Campaign Creator module, (3) #316994 - Attributes...
Sitecore Cms
4.3
CVSSv2
CVE-2021-42357
When using Apache Knox SSO before 1.6.1, a request could be crafted to redirect a user to a malicious page due to improper URL parsing. A request that included a specially crafted request parameter could be used to redirect the user to a page controlled by an attacker. This URL w...
Apache Knox
6.5
CVSSv2
CVE-2013-4467
Multiple SQL injection vulnerabilities in the agent interface (agc/) in VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and previous versions allow (1) remote malicious users to execute arbitrary SQL commands via the campaign variable in SCRIPT_multirecording_AJA...
Vicidial Vicidial
Vicidial Vicidial 2.7
Vicidial Vicidial 2.8
1 EDB exploit
NA
CVE-2024-21078
Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Campaign LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketin...
NA
CVE-2024-21079
Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Campaign LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketin...
9.3
CVSSv2
CVE-2012-0754
Adobe Flash Player prior to 10.3.183.15 and 11.x prior to 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; prior to 11.1.111.6 on Android 2.x and 3.x; and prior to 11.1.115.6 on Android 4.x allows malicious users to execute arbitrary code or cause a denial of service (memory...
Adobe Flash Player
1 EDB exploit
1 Article
7.5
CVSSv2
CVE-2020-10257
The ThemeREX Addons plugin prior to 2020-03-09 for WordPress lacks access control on the /trx_addons/v2/get/sc_layout REST API endpoint, allowing for PHP functions to be executed by any users, because includes/plugin.rest-api.php calls trx_addons_rest_get_sc_layout with an unsafe...
Themerex Addons 1.70.3
Themerex Ozeum-museum
Themerex Chit Club-board Games
Themerex Addons 1.6.67
Themerex Yottis-simple Portfolio
Themerex Addons 1.6.66
Themerex Helion-agency \\&portfolio
Themerex Amuli
Themerex Addons 1.6.65
Themerex Nelson-barbershop \\+ Tattoo Salon
Themerex Hallelujah-church
Themerex Right Way
Themerex Prider-pride Fest
Themerex Addons 1.6.62.3
Themerex Mystik-esoterics
Themerex Skydiving And Flying Company
Themerex Addons 1.6.62.1
Themerex Dronex-aerial Photography Services
Themerex Addons 1.6.61.2
Themerex Samadhi-buddhist
Themerex Addons 1.6.61.3
Themerex Tantum-rent A Car\\, Rent A Bike\\, Rent A Scooter Multiskin Theme
9.3
CVSSv2
CVE-2020-1472
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted...
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2016 1903
Microsoft Windows Server 2016 1909
Microsoft Windows Server 2016 2004
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Synology Directory Server
Samba Samba
Debian Debian Linux 9.0
Oracle Zfs Storage Appliance Kit 8.8
157 Github repositories
16 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »