Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lostmon vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5190
Multiple cross-site scripting (XSS) vulnerabilities in osCommerce 2.2 Milestone 2 Update 060817 allow remote malicious users to inject arbitrary web script or HTML via the (1) page parameter in the (a) banner_manager.php, (b) banner_statistics.php, (c) countries.php, (d) currenci...
Oscommerce Oscommerce 2.2 Cvs
Oscommerce Oscommerce 2.2 Ms1
Oscommerce Oscommerce 1.13
Oscommerce Oscommerce 1.5.1
Oscommerce Oscommerce 2.1
Oscommerce Oscommerce 1.11
Oscommerce Oscommerce 1.12
Oscommerce Oscommerce
Oscommerce Oscommerce 1.1
Oscommerce Oscommerce 2.2 Ms2
Oscommerce Oscommerce 2.2 Ms3
17 EDB exploits
NA
CVE-2005-1782
Multiple cross-site scripting (XSS) vulnerabilities in BookReview beta 1.0 allow remote malicious users to inject arbitrary web script or HTML via the node parameter to (1) add_review.htm, (2) suggest_review.htm, (3) suggest_category.htm, (4) add_booklist.htm, or (5) add_url.htm,...
W.m.r. Simpson Bookreview 1.0
9 EDB exploits
NA
CVE-2005-2044
Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.3 and 1.5 RC 1 allow remote malicious users to inject arbitrary web script or HTML via the (1) show_course parameter to browse.php, (2) subject parameter to contact.php, (3) cid parameter to content.php, (4) l para...
Adaptive Technology Resource Centre Atutor 1.5 Rc 1
Adaptive Technology Resource Centre Atutor 1.4.3
9 EDB exploits
NA
CVE-2006-6824
Multiple cross-site scripting (XSS) vulnerabilities in Jim Hu and Chad Little PHP iCalendar 2.23 rc1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) getdate parameter in (a) day.php, (b) month.php, (c) year.php, (d) week.php, ...
Php Icalendar Php Icalendar
Php Icalendar Php Icalendar 1.1
Php Icalendar Php Icalendar 2.2 Beta
Php Icalendar Php Icalendar 2.22
Php Icalendar Php Icalendar 2.24
8 EDB exploits
NA
CVE-2006-1033
Multiple cross-site scripting (XSS) vulnerabilities in Dragonfly CMS prior to 9.0.6.1 allow remote malicious users to inject arbitrary web script or HTML via (1) uname, (2) error, (3) profile or (4) the username filed parameter to the (a) Your_Account module, (5) catid, (6) sid, ...
Cpg-nuke Dragonfly Cms 9.0.3.0
Cpg-nuke Dragonfly Cms 9.0.4.0
Cpg-nuke Dragonfly Cms 9.0.1.1
Cpg-nuke Dragonfly Cms 9.0.2.0
Cpg-nuke Dragonfly Cms 9.0.5.0
Cpg-nuke Dragonfly Cms 9.0.6.0
7 EDB exploits
NA
CVE-2007-6380
Multiple SQL injection vulnerabilities in e-Xoops (exoops) 1.08, and 1.05 Rev 1 through 3, allow remote malicious users to execute arbitrary SQL commands via the (1) lid parameter to (a) mylinks/ratelink.php, (b) adresses/ratefile.php, (c) mydownloads/ratefile.php, (d) mysections...
E-xoops E-xoops 1.05 Rev1
E-xoops E-xoops 1.05 Rev3
E-xoops E-xoops 1.05 Rev2
E-xoops E-xoops 1.08
7 EDB exploits
NA
CVE-2005-1440
Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Enterprise 2.1.6 allow remote malicious users to inject arbitrary web script or HTML via (1) various parameters to basket.php, (2) the nickname, email, topic, and message fields in forum.php, as demonstrated using ...
Codetosell Viart Shop Enterprise 2.1.6
6 EDB exploits
NA
CVE-2008-3668
Multiple cross-site scripting (XSS) vulnerabilities in the Yogurt Social Network module 3.2 rc1 for XOOPS allow remote malicious users to inject arbitrary web script or HTML via the uid parameter to (1) friends.php, (2) seutubo.php, (3) album.php, (4) scrapbook.php, (5) index.php...
Marcello Brandao Yogurt Social Network Module 3.2
6 EDB exploits
NA
CVE-2007-3593
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine NetFlow Analyzer 5 allow remote malicious users to inject arbitrary web script or HTML via the (1) alpha parameter in (a) netflow/jspui/applicationList.jsp, the (2) task parameter in (b) netflow/jspui/appConfig.j...
Adventnet Manageengine Netflow Analyzer 5
5 EDB exploits
NA
CVE-2007-3594
Multiple cross-site scripting (XSS) vulnerabilities in AdventNet ManageEngine OpManager 6 and 7 allow remote malicious users to inject arbitrary web script or HTML via the (1) name parameter in (a) ping.do and (b) traceRoute.do in map/; the (2) reportName, (3) displayName, and (4...
Adventnet Manageengine Netflow Analyzer 6
Adventnet Manageengine Netflow Analyzer 7
5 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »