Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
egix vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2014-3990
The Cart::getProducts method in system/library/cart.php in OpenCart 1.5.6.4 and previous versions allows remote malicious users to conduct server-side request forgery (SSRF) attacks or possibly conduct XML External Entity (XXE) attacks and execute arbitrary code via a crafted ser...
Opencart Opencart
8.1
CVSSv3
CVE-2013-3212
vtiger CRM 5.4.0 and previous versions contain local file-include vulnerabilities in 'customerportal.php' which allows remote malicious users to view files and execute local script code.
Vtiger Vtiger Crm
1 EDB exploit
NA
CVE-2013-3213
Multiple SQL injection vulnerabilities in vTiger CRM 5.0.0 up to and including 5.4.0 allow remote malicious users to execute arbitrary SQL commands via the (1) picklist_name parameter in the get_picklists method to soap/customerportal.php, (2) where parameter in the get_tickets_l...
Vtiger Vtiger Crm 5.0.0
Vtiger Vtiger Crm 5.4.0
Vtiger Vtiger Crm 5.0.4
Vtiger Vtiger Crm 5.0.1
Vtiger Vtiger Crm 5.2.0
Vtiger Vtiger Crm 5.1.0
Vtiger Vtiger Crm 5.0.3
Vtiger Vtiger Crm 5.3.0
Vtiger Vtiger Crm 5.2.1
Vtiger Vtiger Crm 5.0.2
1 EDB exploit
9.8
CVSSv3
CVE-2013-3215
vtiger CRM 5.4.0 and previous versions contain an Authentication Bypass Vulnerability due to improper authentication validation in the validateSession function.
Vtiger Vtiger Crm
1 EDB exploit
NA
CVE-2007-6550
form.php in PMOS Help Desk 2.4 and previous versions sends a redirect to the web browser but does not exit, which allows remote malicious users to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter.
Pmos Helpdesk Pmos Helpdesk
1 EDB exploit
NA
CVE-2007-6622
SQL injection vulnerability in security.php in ZeusCMS 0.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the Referer HTTP header.
Zeuscms Zeuscms
1 EDB exploit
NA
CVE-2007-6623
Absolute path traversal vulnerability in ZeusCMS 0.3 and previous versions might allow remote malicious users to list arbitrary directories via a full pathname in the dir parameter.
Zeuscms Zeuscms
1 EDB exploit
NA
CVE-2007-6656
SQL injection vulnerability in content_css.php in the TinyMCE module for CMS Made Simple 1.2.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the templateid parameter.
Cmsmadesimple Cms Made Simple
1 EDB exploit
NA
CVE-2008-0129
SQL injection vulnerability in starnet/addons/slideshow_full.php in Site@School 2.3.10 and previous versions allows remote malicious users to execute arbitrary SQL commands via the album_name parameter.
Siteatschool Siteatschool
1 EDB exploit
NA
CVE-2012-5223
The proc_deutf function in includes/functions_vbseocp_abstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and previous versions allows remote malicious users to insert and execute arbitrary PHP code via "complex curly syntax" in the char_repl parameter, which is inserted ...
Crawlability Vbseo 3.5.0
Crawlability Vbseo 3.3.0
Crawlability Vbseo 3.0.0
Crawlability Vbseo 2.3.0
Crawlability Vbseo 2.2.0
Crawlability Vbseo 3.1.0
Crawlability Vbseo 3.5.1
Crawlability Vbseo 3.6.0
Crawlability Vbseo 3.2.0
Crawlability Vbseo 2.0.0
Crawlability Vbseo
Crawlability Vbseo 3.5.2
Crawlability Vbseo 2.4.5
Crawlability Vbseo 2.4.0
Crawlability Vbseo 3.3.1
Crawlability Vbseo 2.1.1
Crawlability Vbseo 2.1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »