Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cracker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2016-5641
This Metasploit module generates a Open API Specification 2.0 (Swagger) compliant json document that includes payload insertion points in parameters. In order for the payload to be executed, an attacker must convince someone to generate code from a specially modified swagger.json...
1 Article
9.1
CVSSv3
CVE-2022-2003
AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU serial port that will cause the PLC to respond with the PLC password in cleartext. This could allow an malicious user to access and make unauthorized changes. This issue affects: Automa...
Automationdirect D0-06dd1 Firmware
Automationdirect D0-06dd2 Firmware
Automationdirect D0-06dr Firmware
Automationdirect D0-06da Firmware
Automationdirect D0-06ar Firmware
Automationdirect D0-06aa Firmware
Automationdirect D0-06dd1-d Firmware
Automationdirect D0-06dd2-d Firmware
Automationdirect D0-06dr-d Firmware
1 Article
NA
CVE-2024-4348
osCommerce version 4 suffers from a cross site scripting vulnerability. Original discovery of cross site scripting in this version is attributed to CraCkEr in November of 2023.
NA
CVE-2008-6840
Multiple PHP remote file inclusion vulnerabilities in V-webmail 1.6.4 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) CONFIG[pear_dir] parameter to (a) Mail/RFC822.php, (b) Net/Socket.php, (c) XML/Parser.php, (d) XML/Tree.php, (e) Mail/mimeDecode.p...
Christof Bruyland V-webmail 1.6.4
13 EDB exploits
6.1
CVSSv3
CVE-2023-4111
A vulnerability was found in PHP Jabbers Bus Reservation System 1.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument index/pickup_id leads to cross site scripting. The attack may be launch...
Phpjabbers Bus Reservation System 1.1
NA
CVE-2008-5943
Multiple directory traversal vulnerabilities in NavBoard 16 (2.6.0) allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the module parameter to (1) admin_modules.php and (2) modules.php.
Navboard Navboard 16
2 EDB exploits
6.1
CVSSv3
CVE-2023-3843
A vulnerability was found in mooSocial mooDating 1.2. It has been classified as problematic. Affected is an unknown function of the file /matchmakings/question of the component URL Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remote...
Moosocial Moodating 1.2
NA
CVE-2008-3445
SQL injection vulnerability in index.php in phpMyRealty (PMR) 2.0.0 allows remote malicious users to execute arbitrary SQL commands via the location parameter.
Phpmyrealty Phpmyrealty 2.0.0
1 EDB exploit
9.8
CVSSv3
CVE-2023-6579
A vulnerability, which was classified as critical, has been found in osCommerce 4. Affected by this issue is some unknown functionality of the file /b2b-supermarket/shopping-cart of the component POST Parameter Handler. The manipulation of the argument estimate[country_id] leads ...
Oscommerce Oscommerce 4.0
NA
CVE-2008-3595
PHP remote file inclusion vulnerability in examples/txtSQLAdmin/startup.php in txtSQL 2.2 Final allows remote malicious users to execute arbitrary PHP code via a URL in the CFG[txtsql][class] parameter.
Txtsql Txtsql 2.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »