Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
egix vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-7387
Session fixation vulnerability in DataLife Engine (DLE) 9.7 and previous versions allows remote malicious users to hijack web sessions via the PHPSESSID cookie.
Dleviet Datalife Engine
2 EDB exploits
6.1
CVSSv3
CVE-2023-4136
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 up to and including 4.0.2, from 3.1.0 up to ...
Craftercms Craftercms
8.8
CVSSv3
CVE-2020-26165
qdPM up to and including 9.1 allows PHP Object Injection via timeReportActions::executeExport in core/apps/qdPM/modules/timeReport/actions/actions.class.php because unserialize is used.
Qdpm Qdpm
9.8
CVSSv3
CVE-2013-3214
vtiger CRM 5.4.0 and previous versions contain a PHP Code Injection Vulnerability in 'vtigerolservice.php'.
Vtiger Vtiger Crm
2 EDB exploits
1 Github repository
5.3
CVSSv3
CVE-2023-47271
PKP-WAL (aka PKP Web Application Library or pkp-lib) prior to 3.3.0-16, as used in Open Journal Systems (OJS) and other products, does not verify that the file named in an XML document (used for the native import/export plugin) is an image file, before trying to use it for an iss...
Sfu Pkp Web Application Library
NA
CVE-2014-8791
project/register.php in Tuleap prior to 7.7, when sys_create_project_in_one_step is disabled, allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via the data parameter.
Enalean Tuleap 7.6
1 EDB exploit
NA
CVE-2014-3783
SQL injection vulnerability in admin/categories.php in Dotclear prior to 2.6.3 allows remote authenticated users with the manage categories permission to execute arbitrary SQL commands via the categories_order parameter.
Dotclear Dotclear 2.6
Dotclear Dotclear 2.5.3
Dotclear Dotclear 2.3.1
Dotclear Dotclear 2.3.0
Dotclear Dotclear 2.1.4
Dotclear Dotclear 2.1.3
Dotclear Dotclear 2.0
Dotclear Dotclear 1.2.8
Dotclear Dotclear 1.2.7
Dotclear Dotclear
Dotclear Dotclear 2.5.0
Dotclear Dotclear 2.4.4
Dotclear Dotclear 2.2.1
Dotclear Dotclear 2.2
Dotclear Dotclear 2.0.2
Dotclear Dotclear 2.0.1
Dotclear Dotclear 1.2.4
Dotclear Dotclear 1.2.3
Dotclear Dotclear 2.6.1
Dotclear Dotclear 2.4.3
Dotclear Dotclear 2.4.2
Dotclear Dotclear 2.1.7
9.8
CVSSv3
CVE-2019-18662
An issue exists in YouPHPTube up to and including 7.7. User input passed through the live_stream_code POST parameter to /plugin/LiveChat/getChat.json.php is not properly sanitized (in getFromChat in plugin/LiveChat/Objects/LiveChatObj.php) before being used to construct a SQL que...
Youphptube Youphptube
NA
CVE-2012-1153
Unrestricted file upload vulnerability in addons/uploadify/uploadify.php in appRain CMF 0.1.5 and previous versions allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the ...
Apprain Apprain 0.1.3
Apprain Apprain 0.1.2
Apprain Apprain 0.1.1
Apprain Apprain 0.1.0
Apprain Apprain
Apprain Apprain 0.1.4
2 EDB exploits
NA
CVE-2012-3996
TikiWiki CMS/Groupware 8.3 and previous versions allows remote malicious users to obtain the installation path via a direct request to (1) admin/include_calendar.php, (2) tiki-rss_error.php, or (3) tiki-watershed_service.php.
Tiki Tikiwiki Cms\\/groupware 7.2
Tiki Tikiwiki Cms\\/groupware 7.0
Tiki Tikiwiki Cms\\/groupware 5.0
Tiki Tikiwiki Cms\\/groupware 4.1
Tiki Tikiwiki Cms\\/groupware 3.3
Tiki Tikiwiki Cms\\/groupware 3.5
Tiki Tikiwiki Cms\\/groupware 6.1
Tiki Tikiwiki Cms\\/groupware 6.0
Tiki Tikiwiki Cms\\/groupware 5.3
Tiki Tikiwiki Cms\\/groupware 5.2
Tiki Tikiwiki Cms\\/groupware 2.2
Tiki Tikiwiki Cms\\/groupware
Tiki Tikiwiki Cms\\/groupware 8.1
Tiki Tikiwiki Cms\\/groupware 8.0
Tiki Tikiwiki Cms\\/groupware 4.0
Tiki Tikiwiki Cms\\/groupware 4
Tiki Tikiwiki Cms\\/groupware 3.1
Tiki Tikiwiki Cms\\/groupware 3.0
Tiki Tikiwiki Cms\\/groupware 7.1
Tiki Tikiwiki Cms\\/groupware 6.2
Tiki Tikiwiki Cms\\/groupware 5.1
Tiki Tikiwiki Cms\\/groupware 4.2
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »