Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-3350
SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote malicious users to execute arbitrary SQL commands via the Referer HTTP header.
Valarsoft Webmatic 3.1.1
1 EDB exploit
NA
CVE-2012-0997
Cross-site request forgery (CSRF) vulnerability in admin/index.php in 11in1 1.2.1 stable 12-31-2011 allows remote malicious users to hijack the authentication of administrators for requests that add new topics via an addTopic action.
11in1 11in1 1.2.1
1 EDB exploit
NA
CVE-2012-5451
Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi prior to 2.1.0.3974 allow remote malicious users to cause a denial of service (tvMobiliService service crash) via a long string in a (1) GET or (2) HEAD request to TCP port 30888.
Tvmobili Tvmobili
1 EDB exploit
9.8
CVSSv3
CVE-2012-5699
BabyGekko prior to 1.2.4 allows PHP file inclusion.
Babygekko Babygekko
1 EDB exploit
NA
CVE-2014-2987
Multiple cross-site request forgery (CSRF) vulnerabilities in EGroupware Enterprise Line (EPL) prior to 1.1.20140505, EGroupware Community Edition prior to 1.8.007.20140506, and EGroupware prior to 14.1 beta allow remote malicious users to hijack the authentication of administrat...
Egroupware Egroupware
1 EDB exploit
8.8
CVSSv3
CVE-2014-3119
Multiple SQL injection vulnerabilities in web2Project 3.1 and previous versions allow remote authenticated users to execute arbitrary SQL commands via the (1) search_string parameter in the contacts module to index.php or allow remote malicious users to execute arbitrary SQL comm...
Web2project Web2project
1 EDB exploit
NA
CVE-2013-5639
Directory traversal vulnerability in users/login.php in Gnew 2013.1 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the gnew_language cookie.
Raoul Proenca Gnew
1 EDB exploit
7.5
CVSSv3
CVE-2015-8770
Directory traversal vulnerability in the set_skin function in program/include/rcmail_output_html.php in Roundcube prior to 1.0.8 and 1.1.x prior to 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .....
Roundcube Roundcube Webmail 1.1.3
Roundcube Roundcube Webmail 1.1.2
Roundcube Roundcube Webmail
Roundcube Roundcube Webmail 1.1.1
Roundcube Roundcube Webmail 1.1.0
1 EDB exploit
NA
CVE-2013-4881
Cross-site request forgery (CSRF) vulnerability in core/admin/modules/users/create.php in BigTree CMS 4.0 RC2 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that create an administrative user via an add user action ...
Bigtreecms Bigtree Cms 4.0
Bigtreecms Bigtree Cms
1 EDB exploit
NA
CVE-2014-6242
Multiple SQL injection vulnerabilities in the All In One WP Security & Firewall plugin prior to 3.8.3 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) orderby or (2) order parameter in the aiowpsec page to wp-admin/admin.php. NOTE: ...
Tips And Tricks Hq All In One Wordpress Security And Firewall
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »