Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knockout vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-14862
There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it.
Knockoutjs Knockout
Redhat Decision Manager 7.0
Redhat Process Automation 7.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Goldengate 12.3.0.1.2
7.8
CVSSv3
CVE-2016-8009
Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows malicious users to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call.
Mcafee Application Control 7.0.0
Mcafee Application Control 6.1.0
Mcafee Application Control 6.1.2
Mcafee Application Control 6.1.3
Mcafee Application Control 6.2.0
Mcafee Application Control 6.0.0
Mcafee Application Control 6.1.1
1 Article
8.8
CVSSv3
CVE-2017-6968
GMV Checker ATM Security before 5.0.18 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka PT-2017-03.
Gmv Checker Atm Security -
1 Article
9.8
CVSSv3
CVE-2019-8121
An insecure component vulnerability exists in Magento 2.1 before 2.1.19, Magento 2.2 before 2.2.10, Magento 2.3 before 2.3.3. Magento 2 codebase leveraged outdated versions of JS libraries (Bootstrap, jquery, Knockout) with known security vulnerabilities.
Magento Magento
NA
CVE-2008-6516
Multiple directory traversal vulnerabilities in phpKF-Portal 1.10 allow remote malicious users to include arbitrary files via a .. (dot dot) in the (1) tema_dizin parameter to baslik.php and (2) portal_ayarlarportal_dili parameter to anket_yonetim.php. NOTE: the provenance of thi...
Phpkf Phpkf-portal 1.0
2 EDB exploits
NA
CVE-2010-4503
SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote malicious users to execute arbitrary SQL commands via the ID parameter in an export action.
Aigaion Aigaion 1.3.4
1 EDB exploit
NA
CVE-2010-4912
SQL injection vulnerability in shop.php in UCenter Home 2.0 allows remote malicious users to execute arbitrary SQL commands via the shopid parameter in a view action.
Discuz Ucenter Home 2.0
1 EDB exploit
NA
CVE-2008-1493
Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
Cuteflow-bin Cuteflow Bin 1.5
1 EDB exploit
NA
CVE-2008-1962
Multiple directory traversal vulnerabilities in Aterr 0.9.1 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) class parameter to include/functions.inc.php and the (2) file parameter to include/common.inc.php.
Chimaera Aterr 0.9.1
1 EDB exploit
NA
CVE-2008-2872
SQL injection vulnerability in default.asp in sHibby sHop 2.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the sayfa parameter.
Aspindir Shibby Shop
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »