Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerability-lab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-5150
Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.07 and possibly earlier allow remote attackers or authenticated users to inject arbitrary web script or HTML via the (1) ipaddress or (2) domain parameter to setup-network.php, different vectors than CVE-2011-5149...
Spamtitan Spamtitan
1 EDB exploit
NA
CVE-2011-5149
Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.08 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) testaddr or (2) testpass parameter to auth-settings.php; (3) hostname, (4) domainname, or (5) mailserver par...
Spamtitan Spamtitan
1 EDB exploit
NA
CVE-2012-4278
Multiple cross-site scripting (XSS) vulnerabilities in Free Realty 3.1-0.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) notes parameter to (a) admin/agenteditor.php; (2) title, (3) previewdesc, (4) fulldesc, or (5) notes parameter (b) to agentad...
Rwcinc Free Realty 3.1-0.6
1 EDB exploit
NA
CVE-2012-4279
Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow remote malicious users to execute arbitrary SQL commands via the (1) view parameter to agentdisplay.php or (2) edit parameter to admin/admin.php.
Rwcinc Free Realty 3.1-0.6
1 EDB exploit
NA
CVE-2012-4280
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/agenteditor.php in Free Realty 3.1-0.6 allow remote malicious users to hijack the authentication of administrators for requests that (1) add an agent via an addagent action or (2) modify an agent.
Rwcinc Free Realty 3.1-0.6
1 EDB exploit
NA
CVE-2012-4281
Multiple SQL injection vulnerabilities in Travelon Express 6.2.2 allow remote malicious users to execute arbitrary SQL commands via the hid parameter to (1) holiday.php or (2) holiday_book.php, (3) id parameter to pages.php, (4) fid parameter to admin/airline-edit.php, or (5) cid...
Itechscripts Travelon Express 6.2.2
1 EDB exploit
NA
CVE-2012-4266
Cross-site scripting (XSS) vulnerability in client_details.php in Proman Xpress 5.0.1 allows remote malicious users to inject arbitrary web script or HTML via the cl_comments parameter. NOTE: some of these details are obtained from third party information.
Itechscripts Proman Xpress 5.0.1
1 EDB exploit
NA
CVE-2012-4265
SQL injection vulnerability in category_edit.php in Proman Xpress 5.0.1 allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Itechscripts Proman Xpress 5.0.1
1 EDB exploit
NA
CVE-2012-4258
Multiple SQL injection vulnerabilities in MYRE Real Estate Software (2012 Q2) allow remote malicious users to execute arbitrary SQL commands via the (1) link_idd parameter to 1_mobile/listings.php or (2) userid parameter to 1_mobile/agentprofile.php.
Myrephp Myre Real Estate Software 2012
2 EDB exploits
NA
CVE-2012-4260
Multiple SQL injection vulnerabilities in myCare2x allow remote malicious users to execute arbitrary SQL commands via the (1) aktion or (2) callurl parameter to modules/patient/mycare2x_pat_info.php; (3) dept_nr or (4) pid parameter to modules/importer/mycare2x_importer.php; (5) ...
Hccgmbh Mycare2x -
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »