Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2004-0276
The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and previous versions allows remote malicious users to cause a denial of service (crash) via an HTTP request with a sequence of "%" characters and a missing Host field.
Monkey-project Monkey 0.7.1
Monkey-project Monkey 0.7.2
Monkey-project Monkey
Monkey-project Monkey 0.8.0
Monkey-project Monkey 0.7.0
Monkey-project Monkey 0.5.2
Monkey-project Monkey 0.1.1
Monkey-project Monkey 0.6.0
Monkey-project Monkey 0.6.1
Monkey-project Monkey 0.6.2
Monkey-project Monkey 0.6.3
1 EDB exploit
435
VMScore
CVE-2003-0614
Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 up to and including 1.3.4 allows remote malicious users to insert arbitrary web script via the searchstring parameter.
Gallery Project Gallery 1.1
Gallery Project Gallery 1.2.5
Gallery Project Gallery 1.3
Gallery Project Gallery 1.2
Gallery Project Gallery 1.2.1
Gallery Project Gallery 1.3.1
Gallery Project Gallery 1.3.2
Gallery Project Gallery 1.3.3
Gallery Project Gallery 1.2.3
Gallery Project Gallery 1.2.4
Gallery Project Gallery 1.2.1 P1
Gallery Project Gallery 1.2.2
Gallery Project Gallery 1.3.4
1 EDB exploit
765
VMScore
CVE-2004-0285
PHP remote file inclusion vulnerabilities in include/footer.inc.php in (1) AllMyVisitors, (2) AllMyLinks, and (3) AllMyGuests allow remote malicious users to execute arbitrary PHP code via a URL in the _AMVconfig[cfg_serverpath] parameter.
Allmyguests Project Allmyguests 0.4.1
Allmyguests Project Allmyguests 0.4
Allmyguests Project Allmyguests 0.3
Allmyguests Project Allmyguests 0.1.2
Allmylinks Project Allmylinks 0.3
Allmylinks Project Allmylinks 0.4
Allmylinks Project Allmylinks 0.4.1
Allmylinks Project Allmylinks 0.4.3
Allmylinks Project Allmylinks 0.4.4
Allmylinks Project Allmylinks 0.4.9
Allmylinks Project Allmylinks 0.5
Allmyvisitors Project Allmyvisitors 0.4
Allmyvisitors Project Allmyvisitors 0.3
3 EDB exploits
668
VMScore
CVE-2012-5385
install/index.php in Craig Knudsen WebCalendar prior to 1.2.5 allows remote malicious users to modify settings.php and possibly execute arbitrary code via vectors related to the user theme preference.
Webcalendar Project Webcalendar 1.2.2
Webcalendar Project Webcalendar 1.2.0
Webcalendar Project Webcalendar 1.1.1
Webcalendar Project Webcalendar 1.0
Webcalendar Project Webcalendar 1.2.4
Webcalendar Project Webcalendar 1.2.3
Webcalendar Project Webcalendar 1.1.6
Webcalendar Project Webcalendar 1.1.5
Webcalendar Project Webcalendar 1.1.4
Webcalendar Project Webcalendar 1.1.3
Webcalendar Project Webcalendar 1.2.1
Webcalendar Project Webcalendar 1.2
Webcalendar Project Webcalendar 1.1.2
1000
VMScore
CVE-2008-4318
Observer 0.3.2.1 and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in the query parameter to (1) whois.php or (2) netcmd.php.
Project-observer Observer 0.2.3
Project-observer Observer 0.2.2
Project-observer Observer 0.3.1
Project-observer Observer 0.30-pre-1
Project-observer Observer 0.1.2
Project-observer Observer 0.1.1
Project-observer Observer 0.1.0
Project-observer Observer 0.2.5
Project-observer Observer 0.2.4
Project-observer Observer
Project-observer Observer 0.3.2
Project-observer Observer 0.2.1
Project-observer Observer 0.2.0
1 EDB exploit
1 Github repository
668
VMScore
CVE-2011-1522
Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x prior to 1.2.4 and 2.x prior to 2.0.3 allow remote malicious users to execute arbitrary SQL commands via the (1) limit or (2) offset field.
Doctrine-project Doctrine1.2.1
Doctrine-project Doctrine1.2.3
Doctrine-project Doctrine1.2.0
Doctrine-project Doctrine1.2.2
Doctrine-project Doctrine 2.0.0
Doctrine-project Doctrine 2.0.1
Doctrine-project Doctrine 2.0.2
830
VMScore
CVE-2004-1925
Multiple SQL injection vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the sort_mode parameter in (1) tiki-usermenu.php, (2) tiki-list_file_gallery.php, (3) tiki-directory_ranking.php,...
Tiki Tikiwiki Cms\\/groupware 1.6.1
Tiki Tikiwiki Cms\\/groupware
16 EDB exploits
445
VMScore
CVE-2014-9742
The Miller-Rabin primality check in Botan prior to 1.10.8 and 1.11.x prior to 1.11.9 improperly uses a single random base, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms via a DH group.
Botan Project Botan 1.11.7
Botan Project Botan 1.11.0
Botan Project Botan 1.11.5
Botan Project Botan 1.11.4
Botan Project Botan 1.11.3
Botan Project Botan 1.11.2
Botan Project Botan 1.11.8
Botan Project Botan 1.11.6
Botan Project Botan 1.11.1
Botan Project Botan
755
VMScore
CVE-2013-2226
Multiple SQL injection vulnerabilities in GLPI prior to 0.83.9 allow remote malicious users to execute arbitrary SQL commands via the (1) users_id_assign parameter to ajax/ticketassigninformation.php, (2) filename parameter to front/document.form.php, or (3) table parameter to aj...
Glpi-project Glpi
Glpi-project Glpi 0.83.7
Glpi-project Glpi 0.83.6
Glpi-project Glpi 0.83.5
Glpi-project Glpi 0.83.1
Glpi-project Glpi 0.83
Glpi-project Glpi 0.83.4
Glpi-project Glpi 0.83.3
Glpi-project Glpi 0.83.31
Glpi-project Glpi 0.83.2
1 EDB exploit
435
VMScore
CVE-2006-1127
Cross-site scripting (XSS) vulnerability in Gallery 2 up to 2.0.2 allows remote malicious users to inject arbitrary web script or HTML via the X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is not properly handled when adding a comment to an album.
Gallery Project Gallery 2.0 Alpha
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.0 Alpha3
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0.2
Gallery Project Gallery 2.0 Beta2
Gallery Project Gallery 2.0 Beta3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »