Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
validation vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-3803
Multiple cross-site scripting (XSS) vulnerabilities in Amiro.CMS 5.4.0.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the status_message parameter to (1) /news, (2) /comment, (3) /forum, (4) /blog, and (5) /tags; the status_message...
Amirocms Amiro.cms
Amirocms Amiro.cms 5.2.3
Amirocms Amiro.cms 4.2.2.0
Amirocms Amiro.cms 4.2.1.0
Amirocms Amiro.cms 5.0.7
Amirocms Amiro.cms 4.2.5
Amirocms Amiro.cms 4.2.4
Amirocms Amiro.cms 4.2.3.0
Amirocms Amiro.cms 5.2.2
Amirocms Amiro.cms 5.2
Amirocms Amiro.cms 4.2.0.5
Amirocms Amiro.cms 4.0.8.0
1 EDB exploit
6.8
CVSSv2
CVE-2006-2699
Cross-site scripting (XSS) vulnerability in getimage.php in Geeklog 1.4.0sr2 and previous versions allows remote malicious users to inject arbitrary HTML or web script via the image argument in a show action.
Geeklog Geeklog 1.3.10 Rc3
Geeklog Geeklog 1.3.11
Geeklog Geeklog 1.3.5 Sr1
Geeklog Geeklog 1.3.6
Geeklog Geeklog 1.3.8
Geeklog Geeklog 1.3.8 1
Geeklog Geeklog 1.3.8 1 Sr1
Geeklog Geeklog 1.3.9 Rc1
Geeklog Geeklog 1.3.9 Rc2
Geeklog Geeklog 1.4.0
Geeklog Geeklog 1.4.0 Beta1
Geeklog Geeklog 1.3.10 Rc1
Geeklog Geeklog 1.3.10 Rc2
Geeklog Geeklog 1.3.11 Sr4
Geeklog Geeklog 1.3.5
Geeklog Geeklog 1.3.7 Sr4
Geeklog Geeklog 1.3.7 Sr5
Geeklog Geeklog 1.3.8 1 Sr6
Geeklog Geeklog 1.3.9
Geeklog Geeklog 1.3.9 Sr4
Geeklog Geeklog 1.35
Geeklog Geeklog 1.3.11 Rc1
1 EDB exploit
6.4
CVSSv2
CVE-2009-0234
The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote malicious users to predict transaction IDs and poison caches...
Microsoft Windows Server 2003
Microsoft Windows 2000
Microsoft Windows Server 2008
5
CVSSv2
CVE-2001-0418
content.pl script in NCM Content Management System allows remote malicious users to read arbitrary contents of the content database by inserting SQL characters into the id parameter.
Ncm Ncm Content Management System
1 EDB exploit
4.3
CVSSv2
CVE-2015-0005
The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote malicious users to spoof the computer name of a secure channel's endpoint, and obtain sen...
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows 2003 Server
Microsoft Windows Server 2008
5.8
CVSSv2
CVE-2018-0434
A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote malicious user to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation...
Cisco Vedge 100 Firmware
Cisco Vedge 1000 Firmware
Cisco Vedge 2000 Firmware
Cisco Vedge 5000 Firmware
Cisco Vmanage Network Management System -
4.3
CVSSv2
CVE-2006-2089
Multiple cross-site scripting (XSS) vulnerabilities in misc.php in MySmartBB 1.1.x allow remote malicious users to inject arbitrary web script or HTML via the (1) id and (2) username parameters.
Mysmartbb Mysmartbb 1.1.3
Mysmartbb Mysmartbb 1.1.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-0173
SQL injection vulnerability in Gforge 4.6.99 and previous versions allows remote malicious users to execute arbitrary SQL commands via unspecified parameters, related to RSS exports.
Gforge Gforge
10
CVSSv2
CVE-2003-0255
The key validation code in GnuPG prior to 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path.
Gnu Privacy Guard
6.8
CVSSv2
CVE-2009-1561
Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote malicious users to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPassw...
Cisco Wrt54gc 1.05.7
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »