Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-news vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-2577
Multiple SQL injection vulnerabilities in ACP3 4.0 beta 3 allow remote malicious users to execute arbitrary SQL commands via (1) the mode parameter to feeds.php, the (2) form[cat] parameter to (a) news/list/index.php or (b) certain news/details/id_*/action_create/index.php files,...
Acp3 Acp3 4.0 Beta 3
4.3
CVSSv2
CVE-2008-7060
Multiple cross-site scripting (XSS) vulnerabilities in One-News Beta 2 allow remote malicious users to inject arbitrary HTML and web script via the (1) title or (2) content parameters in a news item to add.php, and the (3) itemnum, (4) author, or (5) comment parameters in a comme...
One-news One-news
4.3
CVSSv2
CVE-2005-2539
Multiple cross-site scripting (XSS) vulnerabilities in FlatNuke 2.5.5 and possibly earlier versions allow remote malicious users to inject arbitrary web script or HTML via the (1) bodycolor, (2) backimage, (3) theme, or (4) logo parameter to structure.php, (5) admin, (6) admin_ma...
Flatnuke Flatnuke 2.5.5
2 EDB exploits
4.3
CVSSv2
CVE-2008-3700
Multiple cross-site scripting (XSS) vulnerabilities in Kayako SupportSuite 3.20.02 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the sessionid parameter in a livesupport startclientchat action to visitor/index.php; (2) the filte...
Kayako Supportsuite 3.10.02
Kayako Supportsuite 3.11.00
Kayako Supportsuite 3.10.00
Kayako Supportsuite 3.11.01
Kayako Supportsuite
2 EDB exploits
6.8
CVSSv2
CVE-2010-1109
Multiple SQL injection vulnerabilities in index.php in phpMySport 1.4, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) v2 parameter in a member view action, (2) v1 parameter in a news action, (3) v1 parameter in an inf...
Djayp Phpmysport 1.4
1 EDB exploit
7.5
CVSSv2
CVE-2006-3135
Multiple SQL injection vulnerabilities in CMS Mundo 1.0 build 008, and possibly other versions, allow remote malicious users to execute arbitrary SQL commands via the (1) news_id parameter in the (a) news module, (2) searchstring parameter in (b) the search module, (3) id paramet...
Hotwebscripts Cms Mundo 1.0 Build 008
2.1
CVSSv2
CVE-2021-31815
GAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on Android allows malicious users to obtain sensitive information, such as a user's location history, in-person social graph, and (sometimes) COVID-19 infection status, because Rolling Proximity Identifiers an...
9.3
CVSSv2
CVE-2017-12904
Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 up to and including 2.9 allows remote malicious users to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or ...
Newsbeuter Newsbeuter 1.0
Newsbeuter Newsbeuter 2.4
Newsbeuter Newsbeuter 2.3
Newsbeuter Newsbeuter 0.8
Newsbeuter Newsbeuter 1.3
Newsbeuter Newsbeuter 0.9
Newsbeuter Newsbeuter 2.0
Newsbeuter Newsbeuter 2.1
Newsbeuter Newsbeuter 0.8.1
Newsbeuter Newsbeuter 2.8
Newsbeuter Newsbeuter 2.5
Newsbeuter Newsbeuter 0.8.2
Newsbeuter Newsbeuter 2.6
Newsbeuter Newsbeuter 0.7
Newsbeuter Newsbeuter 2.2
Newsbeuter Newsbeuter 1.1
Newsbeuter Newsbeuter 2.7
Newsbeuter Newsbeuter 2.9
Newsbeuter Newsbeuter 0.9.1
Newsbeuter Newsbeuter 1.2
Debian Debian Linux 8.0
Debian Debian Linux 7.0
4.3
CVSSv2
CVE-2009-4780
Multiple cross-site scripting (XSS) vulnerabilities in index.php in phpMyFAQ prior to 2.5.5 allow remote malicious users to inject arbitrary web script or HTML via (1) the lang parameter in a sitemap action, (2) the search parameter in a search action, (3) the tagging_id paramete...
Phpmyfaq Phpmyfaq 2.0.1
Phpmyfaq Phpmyfaq 2.0.0
Phpmyfaq Phpmyfaq 2.0.8
Phpmyfaq Phpmyfaq 2.0.6
Phpmyfaq Phpmyfaq 2.5.1
Phpmyfaq Phpmyfaq 2.0.13
Phpmyfaq Phpmyfaq 1.6.9
Phpmyfaq Phpmyfaq 0.80
Phpmyfaq Phpmyfaq 0.666
Phpmyfaq Phpmyfaq 1.2.2
Phpmyfaq Phpmyfaq 1.2.0
Phpmyfaq Phpmyfaq 1.1.4a
Phpmyfaq Phpmyfaq 1.1.2
Phpmyfaq Phpmyfaq 1.1.0
Phpmyfaq Phpmyfaq 1.4.6
Phpmyfaq Phpmyfaq 1.4.4
Phpmyfaq Phpmyfaq 1.6.12
Phpmyfaq Phpmyfaq 1.5.0
Phpmyfaq Phpmyfaq 1.3.1
Phpmyfaq Phpmyfaq 1.2.5b
Phpmyfaq Phpmyfaq 1.3.9
Phpmyfaq Phpmyfaq 1.3.7
1 EDB exploit
5
CVSSv2
CVE-2003-0206
gkrellm-newsticker gkrellm plugin prior to 0.3-3.1 allows remote malicious users to cause a denial of service (crash) via (1) link or (2) title elements that contain multiple lines.
Gkrellm Newsticker Gkrellm Newsticker 0.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »