Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ajax vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2344
SQL injection vulnerability in inc/elementz.php in AliPAGER 1.5, with magic_quotes_gpc disabled, allows remote malicious users to execute arbitrary SQL commands via the ubild parameter.
Ajax Softwares Alipager 1.00
Ajax Softwares Alipager 1.12
5.3
CVSSv3
CVE-2018-15876
An issue exists in the ajax-bootmodal-login plugin 1.4.3 for WordPress. The register form, login form, and password-recovery form require solving a CAPTCHA to perform actions. However, this is required only once per user session, and therefore one could send as many requests as o...
Ajax Bootmodal Login Project Ajax Bootmodal Login 1.4.3
9.8
CVSSv3
CVE-2017-11317
Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote malicious users to perform arbitrary file uploads or execute arbitrary code.
Telerik Ui For Asp.net Ajax 2017.2.503
Telerik Ui For Asp.net Ajax 2017.2.621
Telerik Ui For Asp.net Ajax
1 EDB exploit
7 Github repositories
5.3
CVSSv3
CVE-2016-10929
The advanced-ajax-page-loader plugin prior to 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in.
Advanced Ajax Page Loader Project Advanced Ajax Page Loader
9.8
CVSSv3
CVE-2023-2027
The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.2. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthe...
Zm Ajax Login \\& Register Project Zm Ajax Login \\& Register
NA
CVE-2007-1982
Multiple PHP remote file inclusion vulnerabilities in Really Simple PHP and Ajax (RSPA) 2007-03-23 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) __IncludeFilePHPClass, (2) __ClassPath, and (3) __class parameters to (a) rspa/...
Really Simple Php And Ajax Really Simple Php And Ajax
1 EDB exploit
9.8
CVSSv3
CVE-2014-4972
Unrestricted file upload vulnerability in the Gravity Upload Ajax plugin 1.1 and previous versions for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file under wp-c...
Ajax Upload For Gravity Forms Project Ajax Upload For Gravity Forms
NA
CVE-2014-4958
Cross-site scripting (XSS) vulnerability in Telerik UI for ASP.NET AJAX RadEditor control 2014.1.403.35, 2009.3.1208.20, and other versions allows remote malicious users to inject arbitrary web script or HTML via CSS expressions in style attributes.
Telerik Asp.net Ajax Radeditor Control 2009.3.1208.20
Telerik Asp.net Ajax Radeditor Control
1 Article
NA
CVE-2007-1851
Multiple directory traversal vulnerabilities in Really Simple PHP and Ajax (RSPA) 2007-03-23 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the __class parameter to (1) Controller_v4.php or (2) Controller_v5.php.
Really Simple Php And Ajax Really Simple Php And Ajax 2007-03-23
1 EDB exploit
NA
CVE-2011-4825
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager prior to 1.1, as used in tinymce prior to 1.4.2, phpMyFAQ 2.6 prior to 2.6.19 and 2.7 prior to 2.7.1, and possibly other products, allows remote malicious users to inject arbitrary PHP cod...
Phpletter Ajax File And Image Manager 1.0
Phpletter Ajax File And Image Manager 0.5.7
Phpletter Ajax File And Image Manager 0.5.5
Phpletter Ajax File And Image Manager 0.5
Phpletter Ajax File And Image Manager
Phpmyfaq Phpmyfaq 2.7.0
Phpmyfaq Phpmyfaq 2.6.10
Phpmyfaq Phpmyfaq 2.6.5
Phpmyfaq Phpmyfaq 2.6.4
Phpmyfaq Phpmyfaq 2.6.3
Phpletter Ajax File And Image Manager 0.9
Phpletter Ajax File And Image Manager 0.7.10
Phpletter Ajax File And Image Manager 0.6.12
Phpmyfaq Phpmyfaq 2.6.18
Phpmyfaq Phpmyfaq 2.6.16
Phpmyfaq Phpmyfaq 2.6.8
Phpmyfaq Phpmyfaq 2.6.6
Phpmyfaq Phpmyfaq 2.6.2
Phpmyfaq Phpmyfaq 2.6.0
Phpletter Ajax File And Image Manager 0.8.24
Phpletter Ajax File And Image Manager 0.8.9
Phpletter Ajax File And Image Manager 0.8.8
6 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »