Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerability-lab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4258
Multiple SQL injection vulnerabilities in MYRE Real Estate Software (2012 Q2) allow remote malicious users to execute arbitrary SQL commands via the (1) link_idd parameter to 1_mobile/listings.php or (2) userid parameter to 1_mobile/agentprofile.php.
Myrephp Myre Real Estate Software 2012
2 EDB exploits
NA
CVE-2011-5150
Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.07 and possibly earlier allow remote attackers or authenticated users to inject arbitrary web script or HTML via the (1) ipaddress or (2) domain parameter to setup-network.php, different vectors than CVE-2011-5149...
Spamtitan Spamtitan
1 EDB exploit
NA
CVE-2011-5228
Cross-site scripting (XSS) vulnerability in the Search module (quickstart/search) in appRain CMF 0.1.5 allows remote malicious users to inject arbitrary web script or HTML via the ss parameter.
Apprain Apprain 0.1.5
1 EDB exploit
NA
CVE-2012-2938
Multiple cross-site scripting (XSS) vulnerabilities in Travelon Express 6.2.2 allow remote malicious users to inject arbitrary web script or HTML via the holiday name field to (1) holiday_add.php or (2) holiday_view.php.
Itechscripts Travelon Express 6.2.2
1 EDB exploit
NA
CVE-2012-2939
Multiple unrestricted file upload vulnerabilities in Travelon Express 6.2.2 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension using (1) airline-edit.php, (2) hotel-image-add.php, or (3) hotel-add.php.
Itechscripts Travelon Express 6.2.2
1 EDB exploit
NA
CVE-2011-5149
Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.08 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) testaddr or (2) testpass parameter to auth-settings.php; (3) hostname, (4) domainname, or (5) mailserver par...
Spamtitan Spamtitan
1 EDB exploit
NA
CVE-2011-5229
SQL injection vulnerability in quickstart/profile/index.php in the Forum module in appRain CMF 0.1.5 allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO.
Apprain Apprain 0.1.5
1 EDB exploit
NA
CVE-2015-5150
Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.90 allow remote authenticated users to inject arbitrary web script or HTML via the (1) query parameter in the run_query_editor_query module to CustomReportHandler.do, (2) compAcct parame...
Zohocorp Manageengine Supportcenter Plus 7.90
1 EDB exploit
NA
CVE-2012-5899
Cross-site scripting (XSS) vulnerability in admin/action/objects.php in SAMEDIA LandShop 0.9.2 allows remote malicious users to inject arbitrary web script or HTML via the OTR_HEADS[] parameter in an edit action. NOTE: some of these details are obtained from third party informati...
Samedia Landshop 0.9.2
1 EDB exploit
NA
CVE-2013-7025
Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or...
Sonicwall Global Management System 7.1
Sonicwall Analyzer 7.1
Sonicwall Global Management System 7.0
Sonicwall Analyzer 7.0
Sonicwall Uma E5000 Firmware 7.0
Sonicwall Uma E5000 Firmware 7.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »