Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-10898
SQL injection vulnerability in the A-Member and A-Member for MT cloud versions 3.8.6 and previous versions allows an malicious user to execute arbitrary SQL commands via unspecified vectors.
Ark-web A-member
7.5
CVSSv2
CVE-2017-10899
SQL injection vulnerability in the A-Reserve and A-Reserve for MT cloud versions 3.8.6 and previous versions allows an malicious user to execute arbitrary SQL commands via unspecified vectors.
Ark-web A-reserve
NA
CVE-2022-2240
The Request a Quote WordPress plugin up to and including 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection once an admin download and open it
Emarketdesign Request A Quote
NA
CVE-2023-36494
Audit logs on F5OS-A may contain undisclosed sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 F5os-a 1.4.0
6.4
CVSSv2
CVE-2016-1178
The session management of the comment functionality in appleple a-blog cms 2.6.0.1 and previous versions allows remote malicious users to obtain or modify sensitive data via unspecified vectors.
Appleple A-blog Cms
7.5
CVSSv2
CVE-2007-5786
Multiple PHP remote file inclusion vulnerabilities in GoSamba 1.0.1 allow remote malicious users to execute arbitrary PHP code via a URL in the include_path parameter to (1) HTML_oben.php, (2) inc_freigabe.php, (3) inc_freigabe1.php, or (4) inc_freigabe3.php in include/; (5) inc_...
A-enterprise Gosamba 1.0.1
1 EDB exploit
4.3
CVSSv2
CVE-2016-1179
Cross-site scripting (XSS) vulnerability in the standard template of the comment functionality in appleple a-blog cms 2.6.0.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML.
Appleple A-blog Cms
5
CVSSv2
CVE-2006-2948
A-CART 2.0 stores the acart2_0.mdb file under the web document root with insufficient access control, which allows remote malicious users to obtain username and password information.
Alan Ward A-cart
NA
CVE-2023-20852
aEnrich Technology a+HRD has a vulnerability of Deserialization of Untrusted Data within its MSMQ interpreter. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands to perform arbitrary system operation or disrupt service.
Aenrich A\\+hrd 6.8.1039v844
7.5
CVSSv2
CVE-2000-0101
The Make-a-Store OrderPage shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
Make-a-store Orderpage
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »