Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-0276
The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and previous versions allows remote malicious users to cause a denial of service (crash) via an HTTP request with a sequence of "%" characters and a missing Host field.
Monkey-project Monkey 0.7.1
Monkey-project Monkey 0.7.2
Monkey-project Monkey
Monkey-project Monkey 0.8.0
Monkey-project Monkey 0.7.0
Monkey-project Monkey 0.5.2
Monkey-project Monkey 0.1.1
Monkey-project Monkey 0.6.0
Monkey-project Monkey 0.6.1
Monkey-project Monkey 0.6.2
Monkey-project Monkey 0.6.3
1 EDB exploit
10
CVSSv2
CVE-2008-4318
Observer 0.3.2.1 and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in the query parameter to (1) whois.php or (2) netcmd.php.
Project-observer Observer 0.2.3
Project-observer Observer 0.2.2
Project-observer Observer 0.3.1
Project-observer Observer 0.30-pre-1
Project-observer Observer 0.1.2
Project-observer Observer 0.1.1
Project-observer Observer 0.1.0
Project-observer Observer 0.2.5
Project-observer Observer 0.2.4
Project-observer Observer
Project-observer Observer 0.3.2
Project-observer Observer 0.2.1
Project-observer Observer 0.2.0
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2004-0285
PHP remote file inclusion vulnerabilities in include/footer.inc.php in (1) AllMyVisitors, (2) AllMyLinks, and (3) AllMyGuests allow remote malicious users to execute arbitrary PHP code via a URL in the _AMVconfig[cfg_serverpath] parameter.
Allmyguests Project Allmyguests 0.4.1
Allmyguests Project Allmyguests 0.4
Allmyguests Project Allmyguests 0.3
Allmyguests Project Allmyguests 0.1.2
Allmylinks Project Allmylinks 0.3
Allmylinks Project Allmylinks 0.4
Allmylinks Project Allmylinks 0.4.1
Allmylinks Project Allmylinks 0.4.3
Allmylinks Project Allmylinks 0.4.4
Allmylinks Project Allmylinks 0.4.9
Allmylinks Project Allmylinks 0.5
Allmyvisitors Project Allmyvisitors 0.4
Allmyvisitors Project Allmyvisitors 0.3
3 EDB exploits
4.3
CVSSv2
CVE-2003-0614
Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 up to and including 1.3.4 allows remote malicious users to insert arbitrary web script via the searchstring parameter.
Gallery Project Gallery 1.1
Gallery Project Gallery 1.2.5
Gallery Project Gallery 1.3
Gallery Project Gallery 1.2
Gallery Project Gallery 1.2.1
Gallery Project Gallery 1.3.1
Gallery Project Gallery 1.3.2
Gallery Project Gallery 1.3.3
Gallery Project Gallery 1.2.3
Gallery Project Gallery 1.2.4
Gallery Project Gallery 1.2.1 P1
Gallery Project Gallery 1.2.2
Gallery Project Gallery 1.3.4
1 EDB exploit
7.5
CVSSv2
CVE-2012-5385
install/index.php in Craig Knudsen WebCalendar prior to 1.2.5 allows remote malicious users to modify settings.php and possibly execute arbitrary code via vectors related to the user theme preference.
Webcalendar Project Webcalendar 1.2.2
Webcalendar Project Webcalendar 1.2.0
Webcalendar Project Webcalendar 1.1.1
Webcalendar Project Webcalendar 1.0
Webcalendar Project Webcalendar 1.2.4
Webcalendar Project Webcalendar 1.2.3
Webcalendar Project Webcalendar 1.1.6
Webcalendar Project Webcalendar 1.1.5
Webcalendar Project Webcalendar 1.1.4
Webcalendar Project Webcalendar 1.1.3
Webcalendar Project Webcalendar 1.2.1
Webcalendar Project Webcalendar 1.2
Webcalendar Project Webcalendar 1.1.2
7.5
CVSSv2
CVE-2011-1522
Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x prior to 1.2.4 and 2.x prior to 2.0.3 allow remote malicious users to execute arbitrary SQL commands via the (1) limit or (2) offset field.
Doctrine-project Doctrine1.2.1
Doctrine-project Doctrine1.2.3
Doctrine-project Doctrine1.2.0
Doctrine-project Doctrine1.2.2
Doctrine-project Doctrine 2.0.0
Doctrine-project Doctrine 2.0.1
Doctrine-project Doctrine 2.0.2
5
CVSSv2
CVE-2014-9742
The Miller-Rabin primality check in Botan prior to 1.10.8 and 1.11.x prior to 1.11.9 improperly uses a single random base, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms via a DH group.
Botan Project Botan 1.11.7
Botan Project Botan 1.11.0
Botan Project Botan 1.11.5
Botan Project Botan 1.11.4
Botan Project Botan 1.11.3
Botan Project Botan 1.11.2
Botan Project Botan 1.11.8
Botan Project Botan 1.11.6
Botan Project Botan 1.11.1
Botan Project Botan
7.5
CVSSv2
CVE-2013-2226
Multiple SQL injection vulnerabilities in GLPI prior to 0.83.9 allow remote malicious users to execute arbitrary SQL commands via the (1) users_id_assign parameter to ajax/ticketassigninformation.php, (2) filename parameter to front/document.form.php, or (3) table parameter to aj...
Glpi-project Glpi
Glpi-project Glpi 0.83.7
Glpi-project Glpi 0.83.6
Glpi-project Glpi 0.83.5
Glpi-project Glpi 0.83.1
Glpi-project Glpi 0.83
Glpi-project Glpi 0.83.4
Glpi-project Glpi 0.83.3
Glpi-project Glpi 0.83.31
Glpi-project Glpi 0.83.2
1 EDB exploit
5
CVSSv2
CVE-2005-4021
The installer for Gallery 2.0 prior to 2.0.2 stores the install log under the web document root with insufficient access control, which allows remote malicious users to obtain sensitive information.
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Beta2
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.0 Rc2
Gallery Project Gallery 2.0 Alpha3
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.0 Rc1
4.3
CVSSv2
CVE-2006-1127
Cross-site scripting (XSS) vulnerability in Gallery 2 up to 2.0.2 allows remote malicious users to inject arbitrary web script or HTML via the X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is not properly handled when adding a comment to an album.
Gallery Project Gallery 2.0 Alpha
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.0 Alpha3
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0.2
Gallery Project Gallery 2.0 Beta2
Gallery Project Gallery 2.0 Beta3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »