Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2012-1001
Multiple cross-site scripting (XSS) vulnerabilities in Chyrp prior to 2.1.2 and prior to 2.5 Beta 2 allow remote malicious users to inject arbitrary web script or HTML via the (1) content parameter to includes/ajax.php or (2) body parameter to includes/error.php.
Chyrp Chyrp 2.5.2
Chyrp Chyrp
2 EDB exploits
NA
CVE-2014-2579
Multiple cross-site request forgery (CSRF) vulnerabilities in XCloner Standalone 3.5 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) change the administrator password via the config task to index2.php or (2) ...
Xcloner Xcloner
1 EDB exploit
NA
CVE-2013-0807
Cross-site scripting (XSS) vulnerability in the NewSectionPrompt function in include/tool/editing_page.php in gpEasy CMS 3.5.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the section parameter in a new_section action to index.php...
Gpeasy Gpeasy Cms 1.6.3
Gpeasy Gpeasy Cms 2.3.1
Gpeasy Gpeasy Cms 2.2
Gpeasy Gpeasy Cms 1.5
Gpeasy Gpeasy Cms 3.0
Gpeasy Gpeasy Cms 3.0.1
Gpeasy Gpeasy Cms 2.0.1
Gpeasy Gpeasy Cms 2.3.2
Gpeasy Gpeasy Cms 2.4
Gpeasy Gpeasy Cms 3.5.1
Gpeasy Gpeasy Cms
Gpeasy Gpeasy Cms 2.3.3
Gpeasy Gpeasy Cms 1.6
Gpeasy Gpeasy Cms 2.1
Gpeasy Gpeasy Cms 2.3
Gpeasy Gpeasy Cms 3.0.2
Gpeasy Gpeasy Cms 3.0.3
Gpeasy Gpeasy Cms 1.6.1
Gpeasy Gpeasy Cms 3.5
Gpeasy Gpeasy Cms 3.0.5
Gpeasy Gpeasy Cms 3.0.4
Gpeasy Gpeasy Cms 1.6.2
1 EDB exploit
NA
CVE-2013-3515
Multiple cross-site scripting (XSS) vulnerabilities in OpenX Source 2.8.10 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) package parameter to www/admin/plugin-index.php or the (2) group parameter to www/admin/plugin-settings...
Openx Openx 2.8.3
Openx Openx 2.6.5
Openx Openx
Openx Openx 2.8.5
Openx Openx 2.6.2
Openx Openx 2.6.0
Openx Openx 2.4.9
Openx Openx 2.4.4
Openx Openx 2.4.11
Openx Openx 2.8
Openx Openx 2.4
Openx Openx 2.8.2
Openx Openx 2.4.6
Openx Openx 2.4.8
Openx Openx 2.4.7
Openx Openx 2.7.29
Openx Openx 2.6.3
Openx Openx 2.6.1
Openx Openx 2.6.4
Openx Openx 2.4.10
Openx Openx 2.8.1
Openx Openx 2.8.4
1 EDB exploit
NA
CVE-2013-3727
SQL injection vulnerability in Kasseler CMS prior to 2 r1232 allows remote authenticated users to execute arbitrary SQL commands via the groups[] parameter to admin.php. NOTE: this can be leveraged using CSRF to allow remote unauthenticated malicious users to execute arbitrary SQ...
Kasseler-cms Kasseler-cms
1 EDB exploit
NA
CVE-2013-3728
Cross-site scripting (XSS) vulnerability in Kasseler CMS prior to 2 r1232 allows remote authenticated users with permissions to create categories to inject arbitrary web script or HTML via the cat parameter in an admin_new_category action to admin.php.
Kasseler-cms Kasseler-cms
1 EDB exploit
NA
CVE-2013-3729
Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler CMS prior to 2 r1232 allow remote malicious users to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) groups[] parameter in a send action in the sendmail ...
Kasseler-cms Kasseler-cms
1 EDB exploit
NA
CVE-2015-3300
Multiple cross-site scripting (XSS) vulnerabilities in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress prior to 1.3.9.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) billing_firstnam...
Thecartpress Thecartpress Ecommerce Shopping Cart
1 EDB exploit
NA
CVE-2015-3301
Directory traversal vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress prior to 1.3.9.3 allows remote administrators to read arbitrary files via a .. (dot dot) in the tcp_box_path parameter in the check...
Thecartpress Thecartpress Ecommerce Shopping Cart
1 EDB exploit
7.5
CVSSv3
CVE-2015-3302
The TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress prior to 1.3.9.3 allows remote malicious users to obtain sensitive order detail information by leveraging a "broken authentication mechanism."
Thecartpress Thecartpress Ecommerce Shopping Cart
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »