Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
express vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-3431
Absolute path traversal vulnerability in Rockliffe MailSite Express prior to 6.1.22 allows remote malicious users to read arbitrary files via a full pathname in the AttachPath field of a mail message under composition.
Rockliffe Mailsite Express
4
CVSSv2
CVE-2021-26073
Broken Authentication in Atlassian Connect Express (ACE) from version 3.0.2 before version 6.6.0: Atlassian Connect Express is a Node.js package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Express app occurs with a serv...
Atlassian Connect Express
4.3
CVSSv2
CVE-2014-4308
Multiple cross-site scripting (XSS) vulnerabilities in NICE Recording eXpress (aka Cybertech eXpress) prior to 6.5.5 allow remote malicious users to inject arbitrary web script or HTML via the (1) USRLNM parameter to myaccount/mysettings.edit.validate.asp or the frame parameter t...
Nice Recording Express
5
CVSSv2
CVE-2005-3288
Mailsite Express allows remote malicious users to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the cache directory before saving or sending the message.
Rockliffe Mailsite Express
4.9
CVSSv2
CVE-2020-2971
Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access via HTTP to compromise Oracle ...
Oracle Application Express
NA
CVE-2023-21983
Vulnerability in the Application Express Administration product of Oracle Application Express (component: None). Supported versions that are affected are Application Express Administration: 18.2-22.2. Difficult to exploit vulnerability allows unauthenticated attacker with network...
Oracle Application Express
4.9
CVSSv2
CVE-2020-14898
Vulnerability in the Oracle Application Express Packaged Apps component of Oracle Database Server. The supported version that is affected is before 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HT...
Oracle Application Express
5.8
CVSSv2
CVE-2018-2699
Vulnerability in the Application Express component of Oracle Database Server. The supported version that is affected is before 5.1.4.00.08. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Application Express. Successful ...
Oracle Application Express
5.8
CVSSv2
CVE-2016-3448
Unspecified vulnerability in the Application Express component in Oracle Database Server prior to 5.0.4 allows remote malicious users to affect confidentiality and integrity via unknown vectors.
Oracle Application Express
5
CVSSv2
CVE-2016-3467
Unspecified vulnerability in the Application Express component in Oracle Database Server prior to 5.0.4 allows remote malicious users to affect availability via unknown vectors.
Oracle Application Express
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »