Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-form vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2010-1399
WebKit in Apple Safari prior to 5.0 on Mac OS X 10.5 up to and including 10.6 and Windows, and prior to 4.1 on Mac OS X 10.4, accesses uninitialized memory during a selection change on a form input element, which allows remote malicious users to execute arbitrary code or cause a ...
Apple Safari 4.0.1
Apple Safari 4.0.0b
Apple Safari 4.0.3
Apple Safari 4.0.2
Apple Webkit
Apple Safari
Apple Safari 4.0
Apple Safari 4.0.4
828
VMScore
CVE-2010-1585
The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox prior to 3.5.17 and 3.6.x prior to 3.6.14, Thunderbird prior to 3.1.8, and SeaMonkey prior to 2.0.12 does not properly sanitize HTML in a chrome document, which ...
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.13
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.11
Mozilla Firefox 3.6.12
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.1.11
Mozilla Seamonkey 1.1.19
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 1.1.9
Mozilla Seamonkey 1.1
Mozilla Seamonkey 2.0.2
Mozilla Seamonkey 2.0.3
828
VMScore
CVE-2009-1600
Apple Safari executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote malicious users to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document ...
Apple Safari
828
VMScore
CVE-2009-1597
Mozilla Firefox executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote malicious users to bypass intended Adobe Acrobat JavaScript restrictions on accessing the docume...
Mozilla Firefox
828
VMScore
CVE-2009-1598
Google Chrome executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote malicious users to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document...
Google Chrome -
828
VMScore
CVE-2009-1599
Opera executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote malicious users to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object,...
Opera Opera Browser
801
VMScore
CVE-2020-3211
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote malicious user to execute arbitrary commands with root privileges on the underlying operating system of an affected device. The vulnerability is due to improper input sanitization. An atta...
Cisco Ios Xe 16.10.1
Cisco Ios Xe 16.10.1a
Cisco Ios Xe 16.10.1b
Cisco Ios Xe 16.10.1e
Cisco Ios Xe 16.10.1s
Cisco Ios Xe 16.10.2
Cisco Ios Xe 16.11.1
Cisco Ios Xe 16.11.1a
Cisco Ios Xe 16.11.1b
Cisco Ios Xe 16.11.1c
Cisco Ios Xe 16.11.1s
Cisco Ios Xe 16.12.1
Cisco Ios Xe 16.12.1a
Cisco Ios Xe 16.12.1c
Cisco Ios Xe 16.12.1s
Cisco Ios Xe 16.12.1t
801
VMScore
CVE-2019-1862
A vulnerability in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote malicious user to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected softwa...
Cisco Ios Xe 16.3.7
1 Article
760
VMScore
CVE-2008-7049
Multiple SQL injection vulnerabilities in login.asp in NatterChat 1.1 and 1.12 allow remote malicious users to execute arbitrary SQL commands via the (1) txtUsername parameter (aka Username) and (2) txtPassword parameter (aka Password) in a form generated by home.asp. NOTE: due t...
Natterchat Natterchat 1.12
Natterchat Natterchat 1.1
2 EDB exploits
756
VMScore
CVE-2009-3631
The Backend subcomponent in TYPO3 4.0.13 and previous versions, 4.1.x prior to 4.1.13, 4.2.x prior to 4.2.10, and 4.3.x prior to 4.3beta2, when the DAM extension or ftp upload is enabled, allows remote authenticated users to execute arbitrary commands via shell metacharacters in ...
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.6
Typo3 Typo3 4.1.7
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.3
Typo3 Typo3 4.3
Typo3 Typo3 1.3.0
Typo3 Typo3 1.3.2
Typo3 Typo3 3.7.1
Typo3 Typo3 3.7.x
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
Typo3 Typo3 4.1.10
Typo3 Typo3 4.1.2
Typo3 Typo3 4.1.12
Typo3 Typo3 4.1.11
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.7
Typo3 Typo3 1.1
Typo3 Typo3 1.1.09
Typo3 Typo3 3.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »