Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ajax vulnerabilities and exploits
(subscribe to this query)
760
VMScore
CVE-2010-4365
SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxeventcalendar) component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the event_id parameter in an alleventlist_more action to index.php.
Harmistechnology Com Jeajaxeventcalendar
2 EDB exploits
760
VMScore
CVE-2010-2513
SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the view parameter to index.php.
Harmistechnology Com Jeajaxeventcalendar 1.0.5
2 EDB exploits
755
VMScore
CVE-2008-5653
SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft AjaxPortal 3.0 allows remote malicious users to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. NOTE: some of these details are obtained from third ...
Myiosoft.com Ajaxportal 3.0
1 EDB exploit
755
VMScore
CVE-2009-1509
SQL injection vulnerability in ajaxp_backend.php in MyioSoft AjaxPortal 3.0 allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Myiosoft Ajaxportal 3.0
1 EDB exploit
685
VMScore
CVE-2010-2129
Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained fr...
Harmistechnology Com Jeajaxeventcalendar 1.0.1
Harmistechnology Com Jeajaxeventcalendar 1.0.3
1 EDB exploit
755
VMScore
CVE-2009-3822
PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat (com_ajaxchat) component 1.0 for Joomla! allows remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter to tests/ajcuser.php.
Fijiwebdesign Com Ajaxchat 1.0
1 EDB exploit
515
VMScore
CVE-2007-0177
Cross-site scripting (XSS) vulnerability in the AJAX module in MediaWiki prior to 1.6.9, 1.7 prior to 1.7.2, 1.8 prior to 1.8.3, and 1.9 prior to 1.9.0rc2, when wgUseAjax is enabled, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Mediawiki Mediawiki 1.6.6
Mediawiki Mediawiki 1.7.0
Mediawiki Mediawiki 1.6.0
Mediawiki Mediawiki 1.6.1
Mediawiki Mediawiki 1.7.1
Mediawiki Mediawiki 1.8.0
Mediawiki Mediawiki 1.6.5
Mediawiki Mediawiki 1.6.5 R14348
Mediawiki Mediawiki 1.9.0
Mediawiki Mediawiki 1.6.2
Mediawiki Mediawiki 1.6.3
Mediawiki Mediawiki 1.6.4
Mediawiki Mediawiki 1.8.1
Mediawiki Mediawiki 1.8.2
1 EDB exploit
435
VMScore
CVE-2009-3256
Cross-site scripting (XSS) vulnerability in include/ajax/blogInfo.php in LiveStreet 0.2 allows remote malicious users to inject arbitrary web script or HTML via the URI, as demonstrated by a SCRIPT element in an arbitrary parameter such as the asd parameter.
Livestreet Livestreet 0.2
1 EDB exploit
605
VMScore
CVE-2008-5998
Multiple SQL injection vulnerabilities in the ajax_checklist_save function in the Ajax Checklist module 5.x prior to 5.x-1.1 for Drupal allow remote authenticated users, with "update ajax checklists" permissions, to execute arbitrary SQL commands via a save operation, r...
Drupal Ajax Checklist 5.x-1.0
1 EDB exploit
445
VMScore
CVE-2019-8292
Online Store System v1.0 delete_product.php doesn't check to see if a user authtenticated or has administrative rights allowing arbitrary product deletion.
Online Store System Project Online Store System 1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »