Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
don vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-45377
Unrestricted Upload of File with Dangerous Type vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload for WooCommerce.This issue affects Drag and Drop Multiple File Upload for WooCommerce: from n/a up to and including 1.0.8.
Codedropz Drag And Drop Multiple File Upload For Woocommerce
9.8
CVSSv3
CVE-2017-14242
SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 allows remote malicious users to execute arbitrary SQL commands via the statut parameter.
Dolibarr Dolibarr 6.0.0
8.8
CVSSv3
CVE-2022-45364
Cross-Site Request Forgery (CSRF) vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload – Contact Form 7 plugin <= 1.3.6.5 versions.
Codedropz Drag And Drop Multiple File Upload - Contact Form 7
8.8
CVSSv3
CVE-2022-29419
SQL Injection (SQLi) vulnerability in Don Crowther's 3xSocializer plugin <= 0.98.22 at WordPress possible for users with a low role like a subscriber or higher.
3xsocializer Project 3xsocializer
8.8
CVSSv3
CVE-2014-4607
Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 prior to 2.07 on 32-bit platforms might allow remote malicious users to execute arbitrary code via a crafted Literal Run.
Oberhumer Liblzo2
Oberhumer Lzo2
5.4
CVSSv3
CVE-2022-42909
WEPA Print Away does not verify that a user has authorization to access documents before generating print orders and associated release codes. This could allow an malicious user to generate print orders and release codes for documents they don´t own and print hem without au...
Wepanow Print Away -
5.4
CVSSv3
CVE-2017-9838
Dolibarr ERP/CRM is affected by multiple reflected Cross-Site Scripting (XSS) vulnerabilities in versions prior to 5.0.4: index.php (leftmenu parameter), core/ajax/box.php (PATH_INFO), product/stats/card.php (type parameter), holiday/list.php (month_create, month_start, and month...
Dolibarr Dolibarr Erp\\/crm
4.8
CVSSv3
CVE-2022-47157
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Don Benjamin WP Custom Fields Search plugin <= 1.2.34 versions.
Webhammer Wp Custom Fields Search
NA
CVE-2014-9456
Buffer overflow in NotePad++ 6.6.9 allows remote malicious users to have unspecified impact via a long Time attribute in an Event element in an XML file. NOTE: this issue was originally incorrectly mapped to CVE-2014-1004; see CVE-2014-1004 for more information.
Don Ho Notepad\\+\\+ 6.6.9
1 EDB exploit
NA
CVE-2010-4774
SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote malicious users to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171.
Auracms Auracms 1.62
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »