Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

bogdan calin vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2010-4906
SQL injection vulnerability in zp-core/full-image.php in Zenphoto 1.3 and 1.3.1.2 allows remote malicious users to execute arbitrary SQL commands via the a parameter. NOTE: some of these details are obtained from third party information.
Zenphoto Zenphoto 1.3Zenphoto Zenphoto 1.3.1.2
NA
CVE-2010-3070
Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes.
Dietrich Ayala Nusoap 0.9.5
NA
CVE-2010-3460
Directory traversal vulnerability in the HTTP interface in AXIGEN Mail Server 7.4.1 for Windows allows remote malicious users to read arbitrary files via a %5C (encoded backslash) in the URL.
Gecad Axigen Mail Server 7.4Gecad Axigen Mail Server 7.2Gecad Axigen Mail Server 7.0Gecad Axigen Mail Server 6.2.2Gecad Axigen Mail Server 5.0Gecad Axigen Mail Server 7.3.1Gecad Axigen Mail Server 7.3Gecad Axigen Mail Server 7.1.2Gecad Axigen Mail Server 7.1.1Gecad Axigen Mail Server 6.1Gecad Axigen Mail Server 6.0.1Gecad Axigen Mail Server 5.0.3Gecad Axigen Mail Server 4.0Gecad Axigen Mail Server 2.0Gecad Axigen Mail Server 1.2.6Gecad Axigen Mail Server 1.1.0Gecad Axigen Mail Server 1.0.7Gecad Axigen Mail ServerGecad Axigen Mail Server 7.2.1Gecad Axigen Mail Server 7.1Gecad Axigen Mail Server 3.0Gecad Axigen Mail Server 2.0.5
NA
CVE-2010-4907
Cross-site scripting (XSS) vulnerability in zp-core/admin.php in Zenphoto 1.3 allows remote malicious users to inject arbitrary web script or HTML via the user parameter. NOTE: the from parameter is already covered by CVE-2009-4562.
Zenphoto Zenphoto 1.3
NA
CVE-2009-3904
classes/session/cc_admin_session.php in CubeCart 4.3.4 does not properly restrict administrative access permissions, which allows remote malicious users to bypass restrictions and gain administrative access via a HTTP request that contains an empty (1) sessID (ccAdmin cookie), (2...
Cubecart Cubecart 4.3.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000CVE-2024-4439unauthorizedCVE-2024-0042CVE-2024-31848CVE-2023-40694cache poisoningCVE-2024-23707firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook