Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
don vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-45364
Cross-Site Request Forgery (CSRF) vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload – Contact Form 7 plugin <= 1.3.6.5 versions.
Codedropz Drag And Drop Multiple File Upload - Contact Form 7
8.8
CVSSv3
CVE-2022-29419
SQL Injection (SQLi) vulnerability in Don Crowther's 3xSocializer plugin <= 0.98.22 at WordPress possible for users with a low role like a subscriber or higher.
3xsocializer Project 3xsocializer
9.8
CVSSv3
CVE-2022-45377
Unrestricted Upload of File with Dangerous Type vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload for WooCommerce.This issue affects Drag and Drop Multiple File Upload for WooCommerce: from n/a up to and including 1.0.8.
Codedropz Drag And Drop Multiple File Upload For Woocommerce
5.4
CVSSv3
CVE-2017-9838
Dolibarr ERP/CRM is affected by multiple reflected Cross-Site Scripting (XSS) vulnerabilities in versions prior to 5.0.4: index.php (leftmenu parameter), core/ajax/box.php (PATH_INFO), product/stats/card.php (type parameter), holiday/list.php (month_create, month_start, and month...
Dolibarr Dolibarr Erp\\/crm
5.4
CVSSv3
CVE-2022-42909
WEPA Print Away does not verify that a user has authorization to access documents before generating print orders and associated release codes. This could allow an malicious user to generate print orders and release codes for documents they don´t own and print hem without au...
Wepanow Print Away -
NA
CVE-2007-5145
Multiple buffer overflows in system DLL files in Microsoft Windows XP, as used by Microsoft Windows Explorer (explorer.exe) 6.00.2900.2180, Don Ho Notepad++, unspecified Adobe Macromedia applications, and other programs, allow user-assisted remote malicious users to cause a denia...
Microsoft Windows Xp -
NA
CVE-2007-5373
ldapscripts 1.4 and 1.7 sends a password as a command line argument when calling some LDAP programs, which might allow local users to read the password by listing the process and its arguments, as demonstrated by a call to ldappasswd in the _changepassword function.
Ldapscripts Ldapscripts 1.4
Ldapscripts Ldapscripts 1.7
8.8
CVSSv3
CVE-2014-4607
Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 prior to 2.07 on 32-bit platforms might allow remote malicious users to execute arbitrary code via a crafted Literal Run.
Oberhumer Liblzo2
Oberhumer Lzo2
NA
CVE-2007-4647
newswire/uploadmedia.cgi in 2coolcode Our Space (Ourspace) 2.0.9 allows remote malicious users to upload certain files via unspecified vectors, probably involving unrestricted functionality in uploadmedia.cgi.
2coolcode Our Space 2.0.9
1 EDB exploit
NA
CVE-2007-4653
SQL injection vulnerability in links.php in the Links MOD 1.2.2 and previous versions for phpBB 2.0.22 and previous versions allows remote malicious users to execute arbitrary SQL commands via the start parameter in a search action.
Phpbb Phpbb
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »