Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
abysssec vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-1248
Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote malicious users to execute arbitrary code via an Excel file with a malformed HFPicture (0x866) record, aka "Excel HFPicture Memory Corruption Vulnerability."
Microsoft Excel 2002
Microsoft Office 2004
2 EDB exploits
NA
CVE-2012-4958
Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote malicious users to read arbitrary files via a 126 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.
Novell File Reporter 1.0.2
1 EDB exploit
NA
CVE-2010-3404
Multiple SQL injection vulnerabilities in eshtery CMS (aka eshtery.com) allow remote malicious users to execute arbitrary SQL commands via the (1) Criteria field in an unspecified form related to catlgsearch.aspx or (2) user name to an unspecified form related to adminlogin.aspx.
Eshtery.she7ata Eshtery Cms
1 EDB exploit
NA
CVE-2010-3480
Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Apphp Php Microcms 1.0.1
1 EDB exploit
NA
CVE-2010-2866
Integer signedness error in the DIRAPI module in Adobe Shockwave Player prior to 11.5.8.612 allows remote malicious users to cause a denial of service (memory corruption) or execute arbitrary code via a count value associated with an "undocumented structure" and the tSA...
Adobe Shockwave Player 2.0
Adobe Shockwave Player 9
Adobe Shockwave Player 11.5.0.595
Adobe Shockwave Player 11.5.0.596
Adobe Shockwave Player 10.2.0.021
Adobe Shockwave Player 10.1.4.020
Adobe Shockwave Player 10.1.1.016
Adobe Shockwave Player 8.5.1.103
Adobe Shockwave Player 8.5.1.100
Adobe Shockwave Player 8.0.204
Adobe Shockwave Player 8.0.196a
Adobe Shockwave Player 5.0
Adobe Shockwave Player 6.0
Adobe Shockwave Player 11.5.6.606
Adobe Shockwave Player
Adobe Shockwave Player 10.0.0.210
Adobe Shockwave Player 9.0.432
Adobe Shockwave Player 8.5.323
Adobe Shockwave Player 8.5.324
Adobe Shockwave Player 11.0.3.471
Adobe Shockwave Player 1.0
Adobe Shockwave Player 10.1.0.11
1 EDB exploit
NA
CVE-2010-3602
Cross-site scripting (XSS) vulnerability in ProfileView.aspx in mojoPortal 2.3.4.3 and 2.3.5.1 allows remote malicious users to inject arbitrary web script or HTML via the User ID parameter. NOTE: some of these details are obtained from third party information.
Sourcetreesolutions Mojoportal 2.3.5.1
Sourcetreesolutions Mojoportal 2.3.4.3
1 EDB exploit
NA
CVE-2010-0824
Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote malicious users to execute arbitrary code via an Excel file with a malformed WOPT (0x80B) record, aka "Excel Record Memory Corruption Vulnerability," a different vulnerabi...
Microsoft Excel 2002
Microsoft Office 2004
1 EDB exploit
NA
CVE-2010-3603
Cross-site request forgery (CSRF) vulnerability in the file manager service (Services/FileService.ashx) in mojoPortal 2.3.4.3 and 2.3.5.1 allows remote malicious users to hijack the authentication of administrators for requests that rename arbitrary files, as demonstrated by caus...
Sourcetreesolutions Mojoportal 2.3.4.3
Sourcetreesolutions Mojoportal 2.3.5.1
1 EDB exploit
NA
CVE-2010-4893
Cross-site scripting (XSS) vulnerability in foodvendors.php in FestOS 2.3b allows remote malicious users to inject arbitrary web script or HTML via the category parameter in a details action.
Festengine Festos 2.3b
1 EDB exploit
NA
CVE-2012-4957
Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote malicious users to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record.
Novell File Reporter 1.0.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »