Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerability-lab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4258
Multiple SQL injection vulnerabilities in MYRE Real Estate Software (2012 Q2) allow remote malicious users to execute arbitrary SQL commands via the (1) link_idd parameter to 1_mobile/listings.php or (2) userid parameter to 1_mobile/agentprofile.php.
Myrephp Myre Real Estate Software 2012
2 EDB exploits
NA
CVE-2012-3840
Multiple cross-site scripting (XSS) vulnerabilities in index.php/users/form/user_id in MyClientBase 0.12 allow remote malicious users to inject arbitrary web script or HTML via the (1) first_name or (2) last_name parameters.
Myclientbase Myclientbase 0.12
1 EDB exploit
NA
CVE-2012-2938
Multiple cross-site scripting (XSS) vulnerabilities in Travelon Express 6.2.2 allow remote malicious users to inject arbitrary web script or HTML via the holiday name field to (1) holiday_add.php or (2) holiday_view.php.
Itechscripts Travelon Express 6.2.2
1 EDB exploit
NA
CVE-2012-4260
Multiple SQL injection vulnerabilities in myCare2x allow remote malicious users to execute arbitrary SQL commands via the (1) aktion or (2) callurl parameter to modules/patient/mycare2x_pat_info.php; (3) dept_nr or (4) pid parameter to modules/importer/mycare2x_importer.php; (5) ...
Hccgmbh Mycare2x -
1 EDB exploit
NA
CVE-2012-4261
SQL injection vulnerability in modules/patient/mycare2x_pat_info.php in myCare2x allows remote malicious users to execute arbitrary SQL commands via the lang parameter.
Hccgmbh Mycare2x -
1 EDB exploit
NA
CVE-2012-4266
Cross-site scripting (XSS) vulnerability in client_details.php in Proman Xpress 5.0.1 allows remote malicious users to inject arbitrary web script or HTML via the cl_comments parameter. NOTE: some of these details are obtained from third party information.
Itechscripts Proman Xpress 5.0.1
1 EDB exploit
NA
CVE-2012-4278
Multiple cross-site scripting (XSS) vulnerabilities in Free Realty 3.1-0.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) notes parameter to (a) admin/agenteditor.php; (2) title, (3) previewdesc, (4) fulldesc, or (5) notes parameter (b) to agentad...
Rwcinc Free Realty 3.1-0.6
1 EDB exploit
NA
CVE-2012-4281
Multiple SQL injection vulnerabilities in Travelon Express 6.2.2 allow remote malicious users to execute arbitrary SQL commands via the hid parameter to (1) holiday.php or (2) holiday_book.php, (3) id parameter to pages.php, (4) fid parameter to admin/airline-edit.php, or (5) cid...
Itechscripts Travelon Express 6.2.2
1 EDB exploit
NA
CVE-2008-0474
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Applications Manager 8.1 build 8100 allow remote malicious users to inject arbitrary web script or HTML via the (1) showlink parameter to jsp/DiscoveryProfiles.jsp; the (2) attributeIDs, (3) attributeToSelect, (4...
Manageengine Applications Manager 8.1 Build 8100
1 EDB exploit
NA
CVE-2013-3179
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote malicious users to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Foundation 2010
Microsoft Sharepoint Server 2007
Microsoft Sharepoint Services 3.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »