Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
autosec tools vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4826
SQL injection vulnerability in session.php in AutoSec Tools V-CMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the user parameter to process.php. NOTE: some of these details are obtained from third party information.
Autosectools V-cms 1.0
NA
CVE-2011-4828
Unrestricted file upload vulnerability in includes/inline_image_upload.php in AutoSec Tools V-CMS 1.0 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in temp/.
Autosectools V-cms 1.0
1 EDB exploit
NA
CVE-2011-4827
Multiple cross-site scripting (XSS) vulnerabilities in AutoSec Tools V-CMS 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) p parameter to redirect.php and (2) box parameter to includes/TrueColorPicker/index.php, which is not properly handled in...
Autosectools V-cms 1.0
NA
CVE-2011-1669
Directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote malicious users to read arbitrary files via ..%2F (encoded dot dot) sequences in the url parameter.
Mikoviny Wp Custom Pages 0.5.0.1
1 EDB exploit
NA
CVE-2011-0740
Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the rss_url parameter.
Pleer Rss Feed Reader 0.1
1 EDB exploit
NA
CVE-2011-0773
Cross-site scripting (XSS) vulnerability in pivotx/modules/module_image.php in PivotX prior to 2.2.3 allows remote malicious users to inject arbitrary web script or HTML via the image parameter.
Pivotx Pivotx 2.2.0
Pivotx Pivotx
Pivotx Pivotx 2.2.1
Pivotx Pivotx 2.1.0
Pivotx Pivotx 2.1.2
Pivotx Pivotx 2.1.1
1 EDB exploit
NA
CVE-2011-4280
Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library, as used in Moodle 2.0.x prior to 2.0.2 and other products, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Moodle Moodle 2.0.1
Nimish Pachapurkar Spike Phpcoverage
Moodle Moodle 2.0.0
1 EDB exploit
NA
CVE-2011-1556
SQL injection vulnerability in plugins/pdfClasses/pdfgen.php in Andy's PHP Knowledgebase (Aphpkb) 0.95.4 allows remote malicious users to execute arbitrary SQL commands via the pdfa parameter.
Aphpkb Aphpkb 0.95.4
1 EDB exploit
NA
CVE-2011-1714
Cross-site scripting (XSS) vulnerability in framework/source/resource/qx/test/jsonp_primitive.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote malicious users to inject arbitrary web script or HTML via the cal...
Qooxdoo Qooxdoo 1.3
1 EDB exploit
NA
CVE-2011-1715
Directory traversal vulnerability in framework/source/resource/qx/test/part/delay.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote malicious users to read arbitrary files via ..%2f (encoded dot dot) sequences ...
Qooxdoo Qooxdoo 1.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »