Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-0793
Multiple cross-site scripting (XSS) vulnerabilities in the StackIdeas Komento (com_komento) component prior to 1.7.3 for Joomla! allow remote malicious users to inject arbitrary web script or HTML via the (1) website or (2) latitude parameter in a comment to the default URI.
Stackideas Komento 1.7.1
Stackideas Komento 1.7.0
Stackideas Komento
1 EDB exploit
NA
CVE-2014-0794
SQL injection vulnerability in the JV Comment (com_jvcomment) component prior to 3.0.3 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a comment.like action to index.php.
Joomla Com Jvcomment 3.0.2
1 EDB exploit
NA
CVE-2012-5877
Nero MediaHome 4.5.8.0 and previous versions allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via an HTTP header without a name.
Nero Mediahome
1 EDB exploit
NA
CVE-2012-5243
functions/suggest.php in Banana Dance B.2.6 and previous versions allows remote malicious users to read arbitrary database information via a crafted request.
Bananadance Banana Dance
1 EDB exploit
NA
CVE-2012-5244
Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) return, (2) display, (3) table, or (4) search parameter to functions/suggest.php; (5) the id parameter to functions/widget...
Bananadance Banana Dance
1 EDB exploit
NA
CVE-2012-5451
Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi prior to 2.1.0.3974 allow remote malicious users to cause a denial of service (tvMobiliService service crash) via a long string in a (1) GET or (2) HEAD request to TCP port 30888.
Tvmobili Tvmobili
1 EDB exploit
8.8
CVSSv3
CVE-2015-4117
Vesta Control Panel prior to 0.9.8-14 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the backup parameter to list/backup/index.php.
Vestacp Control Panel
1 EDB exploit
NA
CVE-2012-3952
Cross-site scripting (XSS) vulnerability in admin/index.php in phpList prior to 2.10.19 allows remote malicious users to inject arbitrary web script or HTML via the unconfirmed parameter to the user page.
Phplist Phplist
Phplist Phplist 2.10.10
Phplist Phplist 2.10.9
Phplist Phplist 2.10.1
Phplist Phplist 2.8.12
Phplist Phplist 2.10.17
Phplist Phplist 2.10.16
Phplist Phplist 2.10.8
Phplist Phplist 2.10.7
Phplist Phplist 2.8.7
Phplist Phplist 2.8.2
Phplist Phplist 2.10.12
Phplist Phplist 2.10.11
Phplist Phplist 2.10.3
Phplist Phplist 2.10.2
Phplist Phplist 2.6.5
Phplist Phplist 2.10.15
Phplist Phplist 2.10.14
Phplist Phplist 2.10.13
Phplist Phplist 2.10.5
Phplist Phplist 2.10.4
Phplist Phplist 2.7.2
1 EDB exploit
NA
CVE-2012-3953
SQL injection vulnerability in admin/index.php in phpList prior to 2.10.19 allows remote administrators to execute arbitrary SQL commands via the delete parameter to the editattributes page.
Phplist Phplist 2.10.12
Phplist Phplist 2.10.11
Phplist Phplist 2.10.3
Phplist Phplist 2.10.2
Phplist Phplist 2.6.5
Phplist Phplist
Phplist Phplist 2.10.10
Phplist Phplist 2.10.9
Phplist Phplist 2.10.1
Phplist Phplist 2.8.12
Phplist Phplist 2.10.15
Phplist Phplist 2.10.14
Phplist Phplist 2.10.13
Phplist Phplist 2.10.5
Phplist Phplist 2.10.4
Phplist Phplist 2.7.2
Phplist Phplist 2.7.1
Phplist Phplist 2.10.17
Phplist Phplist 2.10.16
Phplist Phplist 2.10.8
Phplist Phplist 2.10.7
Phplist Phplist 2.8.7
1 EDB exploit
9.8
CVSSv3
CVE-2012-5699
BabyGekko prior to 1.2.4 allows PHP file inclusion.
Babygekko Babygekko
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »