Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-3028
Multiple cross-site scripting (XSS) vulnerabilities in the Send-A-Card (sr_sendcard) extension 2.2.2 and previous versions for TYPO3 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Typo3 Send A Card 2.2.1
Typo3 Send A Card
Typo3 Send A Card 2.2
7.5
CVSSv2
CVE-2007-2933
SQL injection vulnerability in index.php in the Phil-a-Form (com_philaform) 1.2.0.0 and previous versions component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the form_id parameter.
Phil-a-form Phil-a-form 1.2.0.0
1 EDB exploit
7.8
CVSSv2
CVE-2012-3252
Unspecified vulnerability in HP Serviceguard A.11.19 and A.11.20 allows remote malicious users to cause a denial of service via unknown vectors.
Hp Serviceguard A.11.19
Hp Serviceguard A.11.20
4.3
CVSSv2
CVE-2011-4274
Cross-site scripting (XSS) vulnerability in the A-Form PC and PC/Mobile prior to 3.1 plug-ins for Movable Type allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-2676.
Ark-web A-form Pc
Ark-web A-form Pc Mobile
NA
CVE-2022-39039
aEnrich’s a+HRD has inadequate filtering for specific URL parameter. An unauthenticated remote attacker can exploit this vulnerability to send arbitrary HTTP(s) request to launch Server-Side Request Forgery (SSRF) attack, to perform arbitrary system command or disrupt servi...
Aenrich A\\+hrd 6.8
Aenrich A\\+hrd 7.0
NA
CVE-2022-39040
aEnrich a+HRD log read function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files.
Aenrich A\\+hrd 6.8
Aenrich A\\+hrd 7.0
NA
CVE-2022-39041
aEnrich a+HRD has insufficient user input validation for specific API parameter. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify and delete database.
Aenrich A\\+hrd 6.8
Aenrich A\\+hrd 7.0
NA
CVE-2022-39042
aEnrich a+HRD has improper validation for login function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access API function to perform arbitrary system command or disrupt service.
Aenrich A\\+hrd 6.8
Aenrich A\\+hrd 7.0
6.8
CVSSv2
CVE-2011-3164
Unspecified vulnerability in HP-UX Containers (formerly HP-UX Secure Resource Partitions (SRP)) A.03.00, A.03.00.002, and A.03.01, when running with patch PHKL_42310, allows local users to gain privileges via unknown vectors.
Hp Hp-ux Containers A.03.00
Hp Hp-ux Containers A.03.01
Hp Hp-ux Containers A.03.00.002
4.3
CVSSv2
CVE-2022-23916
Cross-site scripting vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to Ver.2.11.42, and Ver.3.0.x series versions prior to ...
Appleple A-blog Cms
Appleple A-blog Cms 3.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »