Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerability-lab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-6793
Multiple cross-site scripting (XSS) vulnerabilities in the Calendar module in Olat 7.8.0.1 (b20130821 N1) allow remote malicious users to inject arbitrary web script or HTML via the (1) event name or (2) date field.
Olat Olat 7.8.0.1
1 EDB exploit
NA
CVE-2013-6794
Cross-site scripting (XSS) vulnerability in the Calendar module in Olat 7.8.0.1 (b20130821 N1) allows remote malicious users to inject arbitrary web script or HTML via the Location field. NOTE: the provenance of this information is unknown; the details are obtained solely from th...
Olat Olat 7.8.0.1
1 EDB exploit
NA
CVE-2013-5962
Unrestricted file upload vulnerability in frames/upload-images.php in the Complete Gallery Manager plugin prior to 3.3.4 rev40279 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct...
Envato Complete Gallery Manager Plugin 3.3.2
Envato Complete Gallery Manager Plugin 3.3.1
Envato Complete Gallery Manager Plugin 3.2.2
Envato Complete Gallery Manager Plugin 3.2.1
Envato Complete Gallery Manager Plugin 2.0.2
Envato Complete Gallery Manager Plugin 2.0.1
Envato Complete Gallery Manager Plugin 3.2.6
Envato Complete Gallery Manager Plugin 3.2.5
Envato Complete Gallery Manager Plugin 3.1.0
Envato Complete Gallery Manager Plugin 3.0.1
Envato Complete Gallery Manager Plugin 1.0.1
Envato Complete Gallery Manager Plugin 1.0.0
Envato Complete Gallery Manager Plugin 3.3.0
Envato Complete Gallery Manager Plugin 3.2.8
Envato Complete Gallery Manager Plugin 3.2.7
Envato Complete Gallery Manager Plugin 3.2.0
Envato Complete Gallery Manager Plugin 3.1.1
Envato Complete Gallery Manager Plugin 2.0.0
Envato Complete Gallery Manager Plugin 1.0.2
Envato Complete Gallery Manager Plugin
Envato Complete Gallery Manager Plugin 3.2.4
Envato Complete Gallery Manager Plugin 3.2.3
1 EDB exploit
NA
CVE-2013-5147
Passcode Lock in Apple iOS prior to 7 does not properly manage the lock state, which allows physically proximate malicious users to bypass an intended passcode requirement by leveraging a race condition involving phone calls and ejection of a SIM card.
Apple Iphone Os 1.0.0
Apple Iphone Os 1.0.1
Apple Iphone Os 2.0
Apple Iphone Os 2.0.0
Apple Iphone Os 3.0
Apple Iphone Os 3.0.1
Apple Iphone Os 4.0
Apple Iphone Os 4.0.1
Apple Iphone Os 4.3.2
Apple Iphone Os 4.3.3
Apple Iphone Os 6.0.1
Apple Iphone Os 6.0.2
Apple Iphone Os 1.1.2
Apple Iphone Os 1.1.3
Apple Iphone Os 2.1
Apple Iphone Os 2.1.1
Apple Iphone Os 3.1.3
Apple Iphone Os 3.2
Apple Iphone Os 4.2.5
Apple Iphone Os 4.2.8
Apple Iphone Os 5.0.1
Apple Iphone Os 5.1
1 EDB exploit
NA
CVE-2013-3179
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote malicious users to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Foundation 2010
Microsoft Sharepoint Server 2007
Microsoft Sharepoint Services 3.0
1 EDB exploit
NA
CVE-2013-1471
Multiple cross-site scripting (XSS) vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail prior to 4.3.4 on FortiMail Identity-Based Encryption (IBE) appliances allow user-assisted remote malicious users to inject arbitrary web script or HTML via (1) the Add field for the B...
Fortinet Fortimail 3.0
Fortinet Fortimail 4.0
Fortinet Fortimail
1 EDB exploit
NA
CVE-2012-6509
Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 allows remote malicious users to execute arbitrary PHP code by uploading a file a double extension, as demonstrated by .php%00.jpg.
Netartmedia Car Portal 3.0
1 EDB exploit
NA
CVE-2012-6510
Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media Car Portal 3.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) PWRS or (2) Description field when posting a new vehicle; (3) news title when creating news; (4) Name when creating a...
Netartmedia Car Portal 3.0
1 EDB exploit
NA
CVE-2012-6517
Multiple cross-site scripting (XSS) vulnerabilities in DiY-CMS 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) question parameter to in /modules/poll/add.php or (2) question or (3) answer parameter to modules/poll/edit.php.
Diy-cms Diy-cms 1.0
1 EDB exploit
NA
CVE-2012-6518
Cross-site request forgery (CSRF) vulnerability in mod.php in DiY-CMS 1.0 allows remote malicious users to hijack the authentication of administrators for requests that create a poll via an add action to the poll module.
Diy-cms Diy-cms 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »