Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dau huy ngoc vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2014-8674
Multiple Cross-Site Scripting (XSS) vulnerabilities exist in Simple Online Planning (SOPlanning) prior to 1.33 via the document.cookie in nb_mois and mb_ligness and the debug GET parameter to export.php, which allows malicious users to execute arbitrary code.
Soplanning Soplanning
1 EDB exploit
5.3
CVSSv3
CVE-2014-8677
The installation process for SOPlanning 1.32 and previous versions allows remote authenticated users with a prepared database, and access to an existing database with a crafted name, or permissions to create arbitrary databases, or if PHP prior to 5.2 is being used, the configura...
Soplanning Soplanning
1 EDB exploit
5.3
CVSSv3
CVE-2014-8676
Directory traversal vulnerability in the file_get_contents function in SOPlanning 1.32 and previous versions allows remote malicious users to determine the existence of arbitrary files via a .. (dot dot) in a URL path parameter.
Soplanning Soplanning
1 EDB exploit
9.8
CVSSv3
CVE-2014-8673
Multiple SQL vulnerabilities exist in planning.php, user_list.php, projets.php, user_groupes.php, and groupe_list.php in Simple Online Planning (SOPPlanning)prior to 1.33.
Soplanning Soplanning
1 EDB exploit
NA
CVE-2015-1560
SQL injection vulnerability in the isUserAdmin function in include/common/common-Func.php in Centreon (formerly Merethis Centreon) 2.5.4 and previous versions (fixed in Centreon web 2.7.0) allows remote malicious users to execute arbitrary SQL commands via the sid parameter to in...
Centreon Centreon
1 EDB exploit
3 Github repositories
NA
CVE-2015-1561
The escape_command function in include/Administration/corePerformance/getStats.php in Centreon (formerly Merethis Centreon) 2.5.4 and previous versions (fixed in Centreon 19.10.0) uses an incorrect regular expression, which allows remote authenticated users to execute arbitrary c...
Centreon Centreon
1 EDB exploit
3 Github repositories
7.5
CVSSv3
CVE-2014-8675
Soplanning 1.32 and previous versions generates static links for sharing ICAL calendars with embedded login information, which allows remote malicious users to obtain a calendar owner's password via a brute-force attack on the embedded password hash.
Soplanning Soplanning
1 EDB exploit
5.4
CVSSv3
CVE-2014-9405
A Cross-Site Scripting (XSS) vulnerability exists in the description field of an Download RSS item or Contacts in Freebox OS Web interface 3.0.2, which allows malicious users to execute arbitrary code.
Free Freebox Os 3.0.2
6.5
CVSSv3
CVE-2014-9382
Freebox OS Web interface 3.0.2 has CSRF which can allow VPN user account creation
Free Freebox Os 3.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started