Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-1153
Unrestricted file upload vulnerability in addons/uploadify/uploadify.php in appRain CMF 0.1.5 and previous versions allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the ...
Apprain Apprain 0.1.3
Apprain Apprain 0.1.2
Apprain Apprain 0.1.1
Apprain Apprain 0.1.0
Apprain Apprain
Apprain Apprain 0.1.4
2 EDB exploits
NA
CVE-2006-1114
Multiple directory traversal vulnerabilities in Loudblog prior to 0.42 allow remote malicious users to read or include arbitrary files via a .. (dot dot) and trailing %00 (NULL) byte in the (1) template and (2) page parameters in (a) index.php, and the (3) language parameter in (...
Gerrit Van Aaken Loudblog 0.41
2 EDB exploits
NA
CVE-2012-0209
Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by FTP between November 2011 and February 2012, contains an externally introduced modification (Trojan Horse) in templates/javascript/open_calendar.js, which allows remote malicious u...
Horde Groupware 1.2.10
Horde Horde 3.3.12
1 EDB exploit
NA
CVE-2012-1198
base_ag_main.php in Basic Analysis and Security Engine (BASE) 1.4.5 allows remote malicious users to execute arbitrary code by uploading contents of the file with an executable extension via a create action, then accessing it via a view action.
Secureideas Basic Analysis And Security Engine 1.4.5
1 EDB exploit
6.5
CVSSv3
CVE-2022-20790
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote malicious user to read arbitrary files from the und...
Cisco Unified Communications Manager
6.7
CVSSv3
CVE-2022-20930
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local malicious user to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by inject...
Cisco Sd-wan Vbond Orchestrator 20.8
Cisco Sd-wan Vsmart Controller 20.8
Cisco Sd-wan Vsmart Controller
Cisco Sd-wan Vmanage
Cisco Sd-wan Vbond Orchestrator
Cisco Sd-wan Vbond Orchestrator 20.9
Cisco Sd-wan Vsmart Controller 20.9
Cisco Catalyst Sd-wan Manager 20.9
Cisco Catalyst Sd-wan Manager 20.8
Cisco Sd-wan
Cisco Sd-wan 20.8
Cisco Sd-wan 20.9
NA
CVE-2003-0770
FUNC.pm in IkonBoard 3.1.2a and previous versions, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote malicious users to execute arbitrary code when the cookie is inserted into a Perl "eval" st...
Ikonboard.com Ikonboard 3.1.1
Ikonboard.com Ikonboard 3.1.2a
2 EDB exploits
NA
CVE-2014-49712
A vulnerability within the MQAC module allows an attacker to inject memory they control into an arbitrary location they define. This can be used by an attacker to overwrite HalDispatchTable+0x4 and execute arbitrary code by subsequently calling NtQueryIntervalProfile. Microsoft M...
NA
CVE-2006-0660
Multiple directory traversal vulnerabilities in FarsiNews 2.5 and previous versions allows remote malicious users to (1) read arbitrary files or trigger an error message path disclosure via ".." or invalid names in the archive parameter to index.php, or (2) include arbi...
Farsinews Farsinews 2.1
Farsinews Farsinews 2.1 Beta2
Farsinews Farsinews 2.5
2 EDB exploits
NA
CVE-2010-3714
The jumpUrl (aka access tracking) implementation in tslib/class.tslib_fe.php in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote malicious users to read a...
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.0
Typo3 Typo3 4.3.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.4.3
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.6
Typo3 Typo3 4.4
Typo3 Typo3 4.4.1
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »