ahmed vulnerabilities and exploits
435
VMScore
CVE-2012-5917
SnackAmp 3.1.3 allows remote malicious users to cause a denial of service (application crash) via a long string in an aiff file.
Tom Wilkason Snackamp 3.1.3
1 EDB exploit
312
VMScore
CVE-2017-9609
Cross-site scripting (XSS) vulnerability in Blackcat CMS 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the map_language parameter to backend/pages/lang_settings.php.
Blackcat-cms Blackcat Cms 1.2
1 Github repository
755
VMScore
CVE-2015-1875
SQL injection vulnerability in a2billing/customer/iridium_threed.php in Elastix 2.5.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the transactionID parameter.
Palosanto Elastix
1 EDB exploit
655
VMScore
CVE-2014-10033
SQL injection vulnerability in the update_zone function in catalog/admin/geo_zones.php in osCommerce Online Merchant 2.3.3.4 and previous versions allows remote administrators to execute arbitrary SQL commands via the zID parameter in a list action.
Oscommerce Online Merchant
1 EDB exploit
356
VMScore
CVE-2018-19371
The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has an XXE Vulnerability that allows reading sensitive files from the system.
Sdl Web Content Manager 8.5.0
383
VMScore
CVE-2013-7243
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1.2 and 3.2.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) post-menu field to edit.php or (2) Display name field to settings.php. NOTE: The Custom Permalink Structure and Ema...
Get-simple Getsimple Cms 3.1.2
Get-simple Getsimple Cms 3.2.3
685
VMScore
CVE-2012-5891
Multiple cross-site request forgery (CSRF) vulnerabilities in photo/pass.php in DAlbum 1.44 build 174 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) add a user via an add action, (2) change user passwords vi...
Dalbum Dalbum
Dalbum Dalbum 1.04
Dalbum Dalbum 1.05
Dalbum Dalbum 1.22
Dalbum Dalbum 1.21
Dalbum Dalbum 1.20
Dalbum Dalbum 1.10
Dalbum Dalbum 1.07
Dalbum Dalbum 1.31
Dalbum Dalbum 1.3
Dalbum Dalbum 1.08
Dalbum Dalbum 1.06
Dalbum Dalbum 1.34
Dalbum Dalbum 1.32
Dalbum Dalbum 1.03
Dalbum Dalbum 1.09
Dalbum Dalbum 1.35
Dalbum Dalbum 1.33
1 EDB exploit
435
VMScore
CVE-2012-2940
MediaChance Real-DRAW PRO 5.2.4 allows remote malicious users to cause a denial of service (application crash) via a crafted (1) PNG, (2) WMF, (3) PSD, (4) TGA, (5) TTF, (6) BMP, (7) TIFF, or (8) PCX file.
Mediachance Real-draw Pro 5.2.4
1 EDB exploit
655
VMScore
CVE-2015-1479
SQL injection vulnerability in reports/CreateReportTable.jsp in ZOHO ManageEngine ServiceDesk Plus (SDP) prior to 9.0 build 9031 allows remote authenticated users to execute arbitrary SQL commands via the site parameter.
Zohocorp Servicedesk Plus
1 EDB exploit
894
VMScore
CVE-2021-46422
Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote malicious user to execute OS commands without any authentication.
Telesquare Sdt-cs3b1 Firmware 1.1.0
14 Github repositories