Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-news vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2577
Multiple SQL injection vulnerabilities in ACP3 4.0 beta 3 allow remote malicious users to execute arbitrary SQL commands via (1) the mode parameter to feeds.php, the (2) form[cat] parameter to (a) news/list/index.php or (b) certain news/details/id_*/action_create/index.php files,...
Acp3 Acp3 4.0 Beta 3
NA
CVE-2005-2539
Multiple cross-site scripting (XSS) vulnerabilities in FlatNuke 2.5.5 and possibly earlier versions allow remote malicious users to inject arbitrary web script or HTML via the (1) bodycolor, (2) backimage, (3) theme, or (4) logo parameter to structure.php, (5) admin, (6) admin_ma...
Flatnuke Flatnuke 2.5.5
2 EDB exploits
NA
CVE-2008-7060
Multiple cross-site scripting (XSS) vulnerabilities in One-News Beta 2 allow remote malicious users to inject arbitrary HTML and web script via the (1) title or (2) content parameters in a news item to add.php, and the (3) itemnum, (4) author, or (5) comment parameters in a comme...
One-news One-news
NA
CVE-2008-3700
Multiple cross-site scripting (XSS) vulnerabilities in Kayako SupportSuite 3.20.02 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the sessionid parameter in a livesupport startclientchat action to visitor/index.php; (2) the filte...
Kayako Supportsuite 3.10.02
Kayako Supportsuite 3.11.00
Kayako Supportsuite 3.10.00
Kayako Supportsuite 3.11.01
Kayako Supportsuite
2 EDB exploits
NA
CVE-2010-1109
Multiple SQL injection vulnerabilities in index.php in phpMySport 1.4, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) v2 parameter in a member view action, (2) v1 parameter in a news action, (3) v1 parameter in an inf...
Djayp Phpmysport 1.4
1 EDB exploit
NA
CVE-2006-3135
Multiple SQL injection vulnerabilities in CMS Mundo 1.0 build 008, and possibly other versions, allow remote malicious users to execute arbitrary SQL commands via the (1) news_id parameter in the (a) news module, (2) searchstring parameter in (b) the search module, (3) id paramet...
Hotwebscripts Cms Mundo 1.0 Build 008
3.3
CVSSv3
CVE-2021-31815
GAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on Android allows malicious users to obtain sensitive information, such as a user's location history, in-person social graph, and (sometimes) COVID-19 infection status, because Rolling Proximity Identifiers an...
8.8
CVSSv3
CVE-2017-12904
Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 up to and including 2.9 allows remote malicious users to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or ...
Newsbeuter Newsbeuter 1.0
Newsbeuter Newsbeuter 2.4
Newsbeuter Newsbeuter 2.3
Newsbeuter Newsbeuter 0.8
Newsbeuter Newsbeuter 1.3
Newsbeuter Newsbeuter 0.9
Newsbeuter Newsbeuter 2.0
Newsbeuter Newsbeuter 2.1
Newsbeuter Newsbeuter 0.8.1
Newsbeuter Newsbeuter 2.8
Newsbeuter Newsbeuter 2.5
Newsbeuter Newsbeuter 0.8.2
Newsbeuter Newsbeuter 2.6
Newsbeuter Newsbeuter 0.7
Newsbeuter Newsbeuter 2.2
Newsbeuter Newsbeuter 1.1
Newsbeuter Newsbeuter 2.7
Newsbeuter Newsbeuter 2.9
Newsbeuter Newsbeuter 0.9.1
Newsbeuter Newsbeuter 1.2
Debian Debian Linux 8.0
Debian Debian Linux 7.0
NA
CVE-2009-4780
Multiple cross-site scripting (XSS) vulnerabilities in index.php in phpMyFAQ prior to 2.5.5 allow remote malicious users to inject arbitrary web script or HTML via (1) the lang parameter in a sitemap action, (2) the search parameter in a search action, (3) the tagging_id paramete...
Phpmyfaq Phpmyfaq 2.0.1
Phpmyfaq Phpmyfaq 2.0.0
Phpmyfaq Phpmyfaq 2.0.8
Phpmyfaq Phpmyfaq 2.0.6
Phpmyfaq Phpmyfaq 2.5.1
Phpmyfaq Phpmyfaq 2.0.13
Phpmyfaq Phpmyfaq 1.6.9
Phpmyfaq Phpmyfaq 0.80
Phpmyfaq Phpmyfaq 0.666
Phpmyfaq Phpmyfaq 1.2.2
Phpmyfaq Phpmyfaq 1.2.0
Phpmyfaq Phpmyfaq 1.1.4a
Phpmyfaq Phpmyfaq 1.1.2
Phpmyfaq Phpmyfaq 1.1.0
Phpmyfaq Phpmyfaq 1.4.6
Phpmyfaq Phpmyfaq 1.4.4
Phpmyfaq Phpmyfaq 1.6.12
Phpmyfaq Phpmyfaq 1.5.0
Phpmyfaq Phpmyfaq 1.3.1
Phpmyfaq Phpmyfaq 1.2.5b
Phpmyfaq Phpmyfaq 1.3.9
Phpmyfaq Phpmyfaq 1.3.7
1 EDB exploit
NA
CVE-2003-0205
gkrellm-newsticker gkrellm plugin prior to 0.3-3.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the ticker title of a URI.
Gkrellm Newsticker Gkrellm Newsticker 0.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »