Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knowledge vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-12588
Cross-site scripting (XSS) vulnerability in templates/frontend/pages/searchResults.tpl in Public Knowledge Project (PKP) Open Monograph Press (OMP) v1.2.0 up to and including 3.1.1-2 prior to 3.1.1-3 allows remote malicious users to inject arbitrary web script or HTML via the cat...
Public Knowledge Project Open Monograph Press
4.3
CVSSv2
CVE-2022-24181
Cross-site scripting (XSS) via Host Header injection in PKP Open Journals System 2.4.8 >= 3.3 allows remote malicious users to inject arbitary code via the X-Forwarded-Host Header.
Public Knowledge Project Open Journal Systems
2 Github repositories
4.3
CVSSv2
CVE-2006-2184
Cross-site scripting (XSS) vulnerability in search.php in PHPKB Knowledge Base allows remote malicious users to inject arbitrary web script or HTML via the searchkeyword parameter. NOTE: the issue was originally disputed by the vendor, but on 20060519, the vendor notified CVE tha...
Chadha Software Technologies Phpkb Knowledge Base
4.3
CVSSv2
CVE-2022-26616
PKP Vendor Open Journal System v2.4.8 to v3.3.8 allows malicious users to perform reflected cross-site scripting (XSS) attacks via crafted HTTP headers.
Public Knowledge Project Open Journal Systems
7.5
CVSSv2
CVE-2001-0519
Aladdin eSafe Gateway versions 2.x allows a remote malicious user to circumvent HTML SCRIPT filtering via a special arrangement of HTML tags which includes SCRIPT tags embedded within other SCRIPT tags.
Aladdin Knowledge Systems Esafe Gateway 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2001-0520
Aladdin eSafe Gateway versions 3.0 and previous versions allows a remote malicious user to circumvent filtering of SCRIPT tags by embedding the scripts within certain HTML tags including (1) onload in the BODY tag, (2) href in the A tag, (3) the BUTTON tag, (4) the INPUT tag, or ...
Aladdin Knowledge Systems Esafe Gateway 3.0
1 EDB exploit
7.5
CVSSv2
CVE-2001-0521
Aladdin eSafe Gateway versions 3.0 and previous versions allows a remote malicious user to circumvent HTML SCRIPT filtering via the UNICODE encoding of SCRIPT tags within the HTML document.
Aladdin Knowledge Systems Esafe Gateway 3.0
1 EDB exploit
7.5
CVSSv2
CVE-2006-6195
Multiple SQL injection vulnerabilities in Fixit iDMS Pro Image Gallery allow remote malicious users to execute arbitrary SQL commands via the (1) show_id or (2) parentid parameter to (a) filelist.asp, or the (3) fid parameter to (b) showfile.asp.
Fixit Knowledge Solutions Idms Pro Image Gallery
2 EDB exploits
6.8
CVSSv2
CVE-2006-6196
Cross-site scripting (XSS) vulnerability in the search functionality in Fixit iDMS Pro Image Gallery allows remote malicious users to inject arbitrary web script or HTML via a search field (txtsearchtext parameter).
Fixit Knowledge Solutions Idms Pro Image Gallery
7.5
CVSSv2
CVE-2008-5088
Multiple SQL injection vulnerabilities in PHPKB Knowledge Base Software 1.5 Professional allow remote malicious users to execute arbitrary SQL commands via the ID parameter to (1) email.php and (2) question.php, a different vector than CVE-2008-1909.
Knowledgebase-script Phpkb Knowledge Base Software 1.5
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »