Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dsecrg vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1553
Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote malicious users to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) ...
Oracle Glassfish Server 2.1
8 EDB exploits
NA
CVE-2008-3315
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.10 allow remote malicious users to inject arbitrary web script or HTML via the (1) query string to (a) announcements/messages.php; (b) lostPassword.php and (c) profile.php in auth/; (d) calendar/myagenda.php; (e...
Claroline Claroline 1.8.10
4 EDB exploits
NA
CVE-2009-0038
Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 up to and including 2.1.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description...
Apache Geronimo 2.1.2
Apache Geronimo 2.1.1
Apache Geronimo 2.1.3
Apache Geronimo 2.1
2 EDB exploits
NA
CVE-2008-3390
Directory traversal vulnerability in libraries/general.init.php in Minishowcase Image Gallery 09b136, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Minishowcase Minishowcase Image Gallery 09b136
1 EDB exploit
NA
CVE-2008-1145
Directory traversal vulnerability in WEBrick in Ruby 1.8 prior to 1.8.5-p115 and 1.8.6-p114, and 1.9 up to and including 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote malicious users to access arbitrary f...
Ruby-lang Webrick -
Fedoraproject Fedora 8
Fedoraproject Fedora 7
1 EDB exploit
NA
CVE-2008-1534
Multiple directory traversal vulnerabilities in PowerPHPBoard 1.00b allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) settings[footer] parameter to footer.inc.php and the (2) settings[header] parameter to header.inc.php.
Powerscripts Powerphpboard 1.00b
1 EDB exploit
NA
CVE-2008-1556
Multiple cross-site scripting (XSS) vulnerabilities in BolinOS 4.6.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) url parameter to (a) system/actionspages/_b/contentFiles/gBImageViewer.php, (2) ForEditor parameter to (b) system/actionspages/_b/c...
Bolinos Bolinos 4.6.1
1 EDB exploit
NA
CVE-2008-1557
BolinOS 4.6.1 allows remote malicious users to obtain sensitive information via a direct request to system/actionspages/_b/contentFiles/gBphpInfo.php, which calls the phpinfo function.
Bolinos Bolinos 4.6.1
1 EDB exploit
NA
CVE-2008-2496
Multiple cross-site scripting (XSS) vulnerabilities in Quate CMS 0.3.4 allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) login.php, and (3) credits.php in admin/, and (4) upgrade/index.php.
Quate Quate Cms 0.3.4
1 EDB exploit
NA
CVE-2008-0612
Directory traversal vulnerability in htdocs/install/index.php in XOOPS 2.0.18 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Xoops Xoops 2.0.18
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »