Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ajax vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4365
SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxeventcalendar) component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the event_id parameter in an alleventlist_more action to index.php.
Harmistechnology Com Jeajaxeventcalendar
2 EDB exploits
NA
CVE-2010-2513
SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the view parameter to index.php.
Harmistechnology Com Jeajaxeventcalendar 1.0.5
2 EDB exploits
NA
CVE-2008-5653
SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft AjaxPortal 3.0 allows remote malicious users to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. NOTE: some of these details are obtained from third ...
Myiosoft.com Ajaxportal 3.0
1 EDB exploit
NA
CVE-2009-1509
SQL injection vulnerability in ajaxp_backend.php in MyioSoft AjaxPortal 3.0 allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Myiosoft Ajaxportal 3.0
1 EDB exploit
NA
CVE-2010-2129
Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained fr...
Harmistechnology Com Jeajaxeventcalendar 1.0.1
Harmistechnology Com Jeajaxeventcalendar 1.0.3
1 EDB exploit
NA
CVE-2009-3822
PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat (com_ajaxchat) component 1.0 for Joomla! allows remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter to tests/ajcuser.php.
Fijiwebdesign Com Ajaxchat 1.0
1 EDB exploit
NA
CVE-2007-0177
Cross-site scripting (XSS) vulnerability in the AJAX module in MediaWiki prior to 1.6.9, 1.7 prior to 1.7.2, 1.8 prior to 1.8.3, and 1.9 prior to 1.9.0rc2, when wgUseAjax is enabled, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Mediawiki Mediawiki 1.6.6
Mediawiki Mediawiki 1.7.0
Mediawiki Mediawiki 1.6.0
Mediawiki Mediawiki 1.6.1
Mediawiki Mediawiki 1.7.1
Mediawiki Mediawiki 1.8.0
Mediawiki Mediawiki 1.6.5
Mediawiki Mediawiki 1.6.5 R14348
Mediawiki Mediawiki 1.9.0
Mediawiki Mediawiki 1.6.2
Mediawiki Mediawiki 1.6.3
Mediawiki Mediawiki 1.6.4
Mediawiki Mediawiki 1.8.1
Mediawiki Mediawiki 1.8.2
1 EDB exploit
NA
CVE-2009-3256
Cross-site scripting (XSS) vulnerability in include/ajax/blogInfo.php in LiveStreet 0.2 allows remote malicious users to inject arbitrary web script or HTML via the URI, as demonstrated by a SCRIPT element in an arbitrary parameter such as the asd parameter.
Livestreet Livestreet 0.2
1 EDB exploit
NA
CVE-2008-5998
Multiple SQL injection vulnerabilities in the ajax_checklist_save function in the Ajax Checklist module 5.x prior to 5.x-1.1 for Drupal allow remote authenticated users, with "update ajax checklists" permissions, to execute arbitrary SQL commands via a save operation, r...
Drupal Ajax Checklist 5.x-1.0
1 EDB exploit
NA
CVE-2024-30928
SQL Injection vulnerability in DerbyNet v9.0 and below allows malicious users to execute arbitrary SQL commands via 'classids' Parameter in ajax/query.slide.next.inc
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »