Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
liquidworm vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-1296
Multiple buffer overflows in Adobe Photoshop CS4 prior to 11.0.2 allow user-assisted remote malicious users to execute arbitrary code via a crafted (1) .ASL, (2) .ABR, or (3) .GRD file.
Adobe Photoshop Cs4
Adobe Photoshop Cs4 11.0
3 EDB exploits
NA
CVE-2011-1062
Multiple cross-site scripting (XSS) vulnerabilities in include/html/header.php in TaskFreak! 0.6.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) sContext, (2) sort, (3) dir, and (4) show parameters in a save action to index.php; the (5) dir and (...
Taskfreak Taskfreak\\! 0.6.4
4 EDB exploits
NA
CVE-2010-5240
Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cp...
Corel Coreldraw X5 15.1.0.588
Corel Photo-paint X3 13.0.0.576
2 EDB exploits
NA
CVE-2012-1049
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ADManager Plus 5.2 Build 5210 allow remote malicious users to inject arbitrary web script or HTML via the (1) domainName parameter to jsp/AddDC.jsp or (2) operation parameter to DomainConfig.do.
Manageengine Admanager Plus 5.2
2 EDB exploits
8.8
CVSSv3
CVE-2010-1280
Adobe Shockwave Player prior to 11.5.7.609 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file, related to (1) an erroneous dereference and (2) a certain Shock.dir file.
Adobe Shockwave Player
1 EDB exploit
NA
CVE-2015-1422
Multiple cross-site scripting (XSS) vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) horder[], (2) jak_catid, (3) jak_content, (4) jak_css, (5) jak_delete_log[], (6) jak_email, (7) jak_extfile, (8) jak_file, ...
Jakweb Gecko Cms 2.3
Jakweb Gecko Cms 2.2
1 EDB exploit
NA
CVE-2015-1423
Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote administrators to execute arbitrary SQL commands via the (1) jak_delete_log[] or (2) ssp parameter to admin/index.php.
Jakweb Gecko Cms 2.2
Jakweb Gecko Cms 2.3
1 EDB exploit
NA
CVE-2011-5039
Multiple SQL injection vulnerabilities in Infoproject Biznis Heroj allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters to login.php, (3) the filter parameter to widget.dokumenti_lista.php, and (4) the fin_nalog_id parame...
Infoproject Biznis Heroj
1 EDB exploit
NA
CVE-2011-5044
SopCast 3.4.7.45585 uses weak permissions (Everyone:Full Control) for Diagnose.exe, which allows local users to execute arbitrary code by replacing Diagnose.exe with a Trojan horse program.
Sopcast Sopcast 3.4.7.45585
1 EDB exploit
NA
CVE-2011-5155
Untrusted search path vulnerability in Help & Manual 5.5.1 Build 1296 allows local users to gain privileges via a Trojan horse ijl15.dll file in the current working directory, as demonstrated by a directory that contains a .hmxz, .hmxp, .hmskin, .hmx, .hm3, .hpj, .hlp, or .ch...
Helpandmanual Help \\& Manual 5.5.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »