Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
905
VMScore
CVE-2015-8358
Directory traversal vulnerability in the bitrix.mpbuilder module prior to 1.0.12 for Bitrix allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the element name of the "work" array parameter to admin/bitrix.mpbuilder_step2.php...
Bitrix Mpbuilder
1 EDB exploit
755
VMScore
CVE-2013-3727
SQL injection vulnerability in Kasseler CMS prior to 2 r1232 allows remote authenticated users to execute arbitrary SQL commands via the groups[] parameter to admin.php. NOTE: this can be leveraged using CSRF to allow remote unauthenticated malicious users to execute arbitrary SQ...
Kasseler-cms Kasseler-cms
1 EDB exploit
355
VMScore
CVE-2013-3728
Cross-site scripting (XSS) vulnerability in Kasseler CMS prior to 2 r1232 allows remote authenticated users with permissions to create categories to inject arbitrary web script or HTML via the cat parameter in an admin_new_category action to admin.php.
Kasseler-cms Kasseler-cms
1 EDB exploit
685
VMScore
CVE-2013-3729
Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler CMS prior to 2 r1232 allow remote malicious users to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) groups[] parameter in a send action in the sendmail ...
Kasseler-cms Kasseler-cms
1 EDB exploit
655
VMScore
CVE-2014-3415
SQL injection vulnerability in Sharetronix prior to 3.4 allows remote authenticated users to execute arbitrary SQL commands via the invite_users[] parameter to the /invite page for a group.
Sharetronix Sharetronix 3.1.1
Sharetronix Sharetronix
1 EDB exploit
505
VMScore
CVE-2012-5243
functions/suggest.php in Banana Dance B.2.6 and previous versions allows remote malicious users to read arbitrary database information via a crafted request.
Bananadance Banana Dance
1 EDB exploit
685
VMScore
CVE-2012-1933
Multiple PHP remote file inclusion vulnerabilities in Newscoop 3.5.x prior to 3.5.5 and 4 before RC4, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[g_campsiteDir] parameter to (1) include/phorum_load.php, (2)...
Sourcefabric Newscoop 3.5.0
Sourcefabric Newscoop 4.0
Sourcefabric Newscoop 3.5.2
Sourcefabric Newscoop 3.5.4
Sourcefabric Newscoop 3.5.3
Sourcefabric Newscoop 3.5.1
1 EDB exploit
755
VMScore
CVE-2012-1934
SQL injection vulnerability in admin/country/edit.php in Newscoop prior to 3.5.5 and 4.x prior to 4 RC4 allows remote malicious users to execute arbitrary SQL commands via the f_country_code parameter.
Sourcefabric Newscoop 3.5.2
Sourcefabric Newscoop 3.5.4
Sourcefabric Newscoop 4
Sourcefabric Newscoop 3.5.0
Sourcefabric Newscoop 3.5.3
Sourcefabric Newscoop 3.5.1
1 EDB exploit
435
VMScore
CVE-2012-1935
Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 3.5.x prior to 3.5.5 and 4.x prior to 4 RC4 allow remote malicious users to inject arbitrary web script or HTML via the (1) Back parameter to admin/ad.php, or the (2) token or (3) f_email parameter to admin/password_...
Sourcefabric Newscoop 4
Sourcefabric Newscoop 3.5.0
Sourcefabric Newscoop 3.5.3
Sourcefabric Newscoop 3.5.1
Sourcefabric Newscoop 3.5.2
Sourcefabric Newscoop 3.5.4
1 EDB exploit
685
VMScore
CVE-2012-5698
BabyGekko prior to 1.2.4 has SQL injection.
Babygekko Babygekko
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »