Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amir vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1291
Buffer overflow in qwik-smtpd allows remote malicious users to use the server as an SMTP spam relay via a long HELO command, which overwrites the adjacent localIP data buffer.
Amir Malik Qwik Smtpd
1 EDB exploit
7.5
CVSSv3
CVE-2021-33038
An issue exists in management/commands/hyperkitty_import.py in HyperKitty up to and including 1.3.4. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on...
Hyperkitty Project Hyperkitty
Debian Debian Linux 10.0
NA
CVE-2011-4618
Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin prior to 2.0.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Simplerealtytheme Advanced Text Widget Plugin
1 EDB exploit
NA
CVE-2011-5182
Cross-site scripting (XSS) vulnerability in lanoba-social-plugin/index.php in the Lanoba Social plugin 1.0 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the action parameter. NOTE: the vendor disputes this issue, stating "Lanoba'...
Wordpress Lanoba Social Plugin 1.0
1 EDB exploit
NA
CVE-2011-5179
Cross-site scripting (XSS) vulnerability in skysa-official/skysa.php in Skysa App Bar Integration plugin, possibly prior to 1.04, for WordPress allows remote malicious users to inject arbitrary web script or HTML via the submit parameter.
Skysa Skysa App Bar Integration Plugin
Skysa Skysa App Bar Integration Plugin 1.02
Skysa Skysa App Bar Integration Plugin 1.01
Skysa Skysa App Bar Integration Plugin 1.0
1 EDB exploit
NA
CVE-2011-5181
Cross-site scripting (XSS) vulnerability in clickdesk.php in ClickDesk Live Support - Live Chat plugin 2.0 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the cdwidgetid parameter. NOTE: some of these details are obtained from third party in...
Clickdesk Clickdesk Live Support-live Chat Plugin 2.0
1 EDB exploit
NA
CVE-2011-5265
Cross-site scripting (XSS) vulnerability in cached_image.php in the Featurific For WordPress plugin 1.6.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the snum parameter. NOTE: this has been disputed by a third party.
Featurific For Wordpress Project Featurific-for-wordpress 1.6.2
1 EDB exploit
NA
CVE-2009-3486
Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via the host parameter to (1) the pinghost program, reachable through the diagnose program; or (2) the trac...
Juniper Junos 8.5
2 EDB exploits
NA
CVE-2009-3487
Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via (1) the JEXEC_OUTID parameter in a JEXEC_MODE_RELAY_OUTPUT action to the jexec program; the (2) act, (3...
Juniper Junos 8.5
2 EDB exploits
NA
CVE-2009-3485
Cross-site scripting (XSS) vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to the default URI.
Juniper Junos 9.0
Juniper Junos 8.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744
privilege escalation
CVE-2024-30253
CVE-2024-3914
cross-site scripting
CVE-2024-31497
CVE-2024-3400
CVE-2024-32341
hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »