Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-0276
The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and previous versions allows remote malicious users to cause a denial of service (crash) via an HTTP request with a sequence of "%" characters and a missing Host field.
Monkey-project Monkey 0.7.1
Monkey-project Monkey 0.7.2
Monkey-project Monkey
Monkey-project Monkey 0.8.0
Monkey-project Monkey 0.7.0
Monkey-project Monkey 0.5.2
Monkey-project Monkey 0.1.1
Monkey-project Monkey 0.6.0
Monkey-project Monkey 0.6.1
Monkey-project Monkey 0.6.2
Monkey-project Monkey 0.6.3
1 EDB exploit
10
CVSSv2
CVE-2008-4318
Observer 0.3.2.1 and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in the query parameter to (1) whois.php or (2) netcmd.php.
Project-observer Observer 0.2.3
Project-observer Observer 0.2.2
Project-observer Observer 0.3.1
Project-observer Observer 0.30-pre-1
Project-observer Observer 0.1.2
Project-observer Observer 0.1.1
Project-observer Observer 0.1.0
Project-observer Observer 0.2.5
Project-observer Observer 0.2.4
Project-observer Observer
Project-observer Observer 0.3.2
Project-observer Observer 0.2.1
Project-observer Observer 0.2.0
1 EDB exploit
1 Github repository
4.3
CVSSv2
CVE-2003-0614
Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 up to and including 1.3.4 allows remote malicious users to insert arbitrary web script via the searchstring parameter.
Gallery Project Gallery 1.1
Gallery Project Gallery 1.2.5
Gallery Project Gallery 1.3
Gallery Project Gallery 1.2
Gallery Project Gallery 1.2.1
Gallery Project Gallery 1.3.1
Gallery Project Gallery 1.3.2
Gallery Project Gallery 1.3.3
Gallery Project Gallery 1.2.3
Gallery Project Gallery 1.2.4
Gallery Project Gallery 1.2.1 P1
Gallery Project Gallery 1.2.2
Gallery Project Gallery 1.3.4
1 EDB exploit
7.5
CVSSv2
CVE-2004-0285
PHP remote file inclusion vulnerabilities in include/footer.inc.php in (1) AllMyVisitors, (2) AllMyLinks, and (3) AllMyGuests allow remote malicious users to execute arbitrary PHP code via a URL in the _AMVconfig[cfg_serverpath] parameter.
Allmyguests Project Allmyguests 0.4.1
Allmyguests Project Allmyguests 0.4
Allmyguests Project Allmyguests 0.3
Allmyguests Project Allmyguests 0.1.2
Allmylinks Project Allmylinks 0.3
Allmylinks Project Allmylinks 0.4
Allmylinks Project Allmylinks 0.4.1
Allmylinks Project Allmylinks 0.4.3
Allmylinks Project Allmylinks 0.4.4
Allmylinks Project Allmylinks 0.4.9
Allmylinks Project Allmylinks 0.5
Allmyvisitors Project Allmyvisitors 0.4
Allmyvisitors Project Allmyvisitors 0.3
3 EDB exploits
7.5
CVSSv2
CVE-2012-5385
install/index.php in Craig Knudsen WebCalendar prior to 1.2.5 allows remote malicious users to modify settings.php and possibly execute arbitrary code via vectors related to the user theme preference.
Webcalendar Project Webcalendar 1.2.2
Webcalendar Project Webcalendar 1.2.0
Webcalendar Project Webcalendar 1.1.1
Webcalendar Project Webcalendar 1.0
Webcalendar Project Webcalendar 1.2.4
Webcalendar Project Webcalendar 1.2.3
Webcalendar Project Webcalendar 1.1.6
Webcalendar Project Webcalendar 1.1.5
Webcalendar Project Webcalendar 1.1.4
Webcalendar Project Webcalendar 1.1.3
Webcalendar Project Webcalendar 1.2.1
Webcalendar Project Webcalendar 1.2
Webcalendar Project Webcalendar 1.1.2
7.5
CVSSv2
CVE-2011-1522
Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x prior to 1.2.4 and 2.x prior to 2.0.3 allow remote malicious users to execute arbitrary SQL commands via the (1) limit or (2) offset field.
Doctrine-project Doctrine1.2.1
Doctrine-project Doctrine1.2.3
Doctrine-project Doctrine1.2.0
Doctrine-project Doctrine1.2.2
Doctrine-project Doctrine 2.0.0
Doctrine-project Doctrine 2.0.1
Doctrine-project Doctrine 2.0.2
7.5
CVSSv2
CVE-2004-1925
Multiple SQL injection vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the sort_mode parameter in (1) tiki-usermenu.php, (2) tiki-list_file_gallery.php, (3) tiki-directory_ranking.php,...
Tiki Tikiwiki Cms\\/groupware 1.6.1
Tiki Tikiwiki Cms\\/groupware
16 EDB exploits
7.5
CVSSv2
CVE-2013-2226
Multiple SQL injection vulnerabilities in GLPI prior to 0.83.9 allow remote malicious users to execute arbitrary SQL commands via the (1) users_id_assign parameter to ajax/ticketassigninformation.php, (2) filename parameter to front/document.form.php, or (3) table parameter to aj...
Glpi-project Glpi
Glpi-project Glpi 0.83.7
Glpi-project Glpi 0.83.6
Glpi-project Glpi 0.83.5
Glpi-project Glpi 0.83.1
Glpi-project Glpi 0.83
Glpi-project Glpi 0.83.4
Glpi-project Glpi 0.83.3
Glpi-project Glpi 0.83.31
Glpi-project Glpi 0.83.2
1 EDB exploit
5
CVSSv2
CVE-2014-9742
The Miller-Rabin primality check in Botan prior to 1.10.8 and 1.11.x prior to 1.11.9 improperly uses a single random base, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms via a DH group.
Botan Project Botan 1.11.7
Botan Project Botan 1.11.0
Botan Project Botan 1.11.5
Botan Project Botan 1.11.4
Botan Project Botan 1.11.3
Botan Project Botan 1.11.2
Botan Project Botan 1.11.8
Botan Project Botan 1.11.6
Botan Project Botan 1.11.1
Botan Project Botan
5
CVSSv2
CVE-2013-0183
multipart/parser.rb in Rack 1.3.x prior to 1.3.8 and 1.4.x prior to 1.4.3 allows remote malicious users to cause a denial of service (memory consumption and out-of-memory error) via a long string in a Multipart HTTP packet.
Rack Project Rack 1.3.1
Rack Project Rack 1.3.7
Rack Project Rack 1.3.2
Rack Project Rack 1.3.5
Rack Project Rack 1.3.6
Rack Project Rack 1.3.0
Rack Project Rack 1.3.4
Rack Project Rack 1.3.3
Rack Project Rack 1.4.2
Rack Project Rack 1.4.0
Rack Project Rack 1.4.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »