Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ajax vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-2042
Cross-site scripting (XSS) vulnerability in ajax-spell prior to 1.8 allows remote malicious users to inject arbitrary web script or HTML via onmouseover or other events in HTML tags.
Ajax-spell Ajax-spell 1.2
Ajax-spell Ajax-spell 1.7
Ajax-spell Ajax-spell 1.1
Ajax-spell Ajax-spell 1.4
Ajax-spell Ajax-spell 1.3
Ajax-spell Ajax-spell 1.5
Ajax-spell Ajax-spell 1.6
9.8
CVSSv3
CVE-2017-5677
PEAR HTML_AJAX 0.3.0 up to and including 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. It allows remote code execution. In one viewpoint, the root cause is an incorrect regular expression.
Pear Html Ajax 0.5.0
Pear Html Ajax 0.3.0
Pear Html Ajax 0.5.1
Pear Html Ajax 0.5.2
Pear Html Ajax 0.5.5
Pear Html Ajax 0.5.4
Pear Html Ajax 0.3.1
Pear Html Ajax 0.5.3
Pear Html Ajax 0.3.4
Pear Html Ajax 0.5.7
Pear Html Ajax 0.3.3
Pear Html Ajax 0.3.2
Pear Html Ajax 0.4.1
Pear Html Ajax 0.4.0
Pear Html Ajax 0.5.6
NA
CVE-2013-2707
Cross-site request forgery (CSRF) vulnerability in the Login With Ajax plugin prior to 3.1 for WordPress allows remote malicious users to hijack the authentication of arbitrary users for requests that modify this plugin's settings.
Netweblogic Login With Ajax 2.1
Netweblogic Login With Ajax 2.1.1
Netweblogic Login With Ajax 2.1.2
Netweblogic Login With Ajax 2.1.3
Netweblogic Login With Ajax 2.1.4
Netweblogic Login With Ajax 2.1.5
Netweblogic Login With Ajax 2.2
Netweblogic Login With Ajax 2.21
Netweblogic Login With Ajax 3.0
Netweblogic Login With Ajax 3.0.1
Netweblogic Login With Ajax 3.0.2
Netweblogic Login With Ajax 3.0.3
Netweblogic Login With Ajax 3.0.4
Netweblogic Login With Ajax 3.0.4.1
Netweblogic Login With Ajax 3.0b
Netweblogic Login With Ajax 3.0b3
Netweblogic Login With Ajax 3.1
NA
CVE-2012-4283
Cross-site scripting (XSS) vulnerability in the Login With Ajax plugin prior to 3.0.4.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the callback parameter.
Netweblogic Login With Ajax
Netweblogic Login With Ajax 2.1
Netweblogic Login With Ajax 2.1.1
Netweblogic Login With Ajax 2.1.2
Netweblogic Login With Ajax 2.1.3
Netweblogic Login With Ajax 2.1.4
Netweblogic Login With Ajax 2.1.5
Netweblogic Login With Ajax 2.2
Netweblogic Login With Ajax 2.21
Netweblogic Login With Ajax 3.0
Netweblogic Login With Ajax 3.0.1
Netweblogic Login With Ajax 3.0.2
Netweblogic Login With Ajax 3.0.3
Netweblogic Login With Ajax 3.0b
NA
CVE-2012-2759
Cross-site scripting (XSS) vulnerability in login-with-ajax.php in the Login With Ajax (aka login-with-ajax) plugin prior to 3.0.4.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the callback parameter in a lostpassword action to wp-login....
Netweblogic Login With Ajax
Netweblogic Login With Ajax 2.1
Netweblogic Login With Ajax 2.1.1
Netweblogic Login With Ajax 2.1.2
Netweblogic Login With Ajax 2.1.3
Netweblogic Login With Ajax 2.1.4
Netweblogic Login With Ajax 2.1.5
Netweblogic Login With Ajax 2.2
Netweblogic Login With Ajax 2.21
Netweblogic Login With Ajax 3.0
Netweblogic Login With Ajax 3.0.1
Netweblogic Login With Ajax 3.0.2
Netweblogic Login With Ajax 3.0.3
Netweblogic Login With Ajax 3.0b
7.5
CVSSv3
CVE-2022-38456
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ernest Marcinko Ajax Search Lite plugin <= 4.10.3 versions.
Ajax Search Project Ajax Search
NA
CVE-2015-3392
Cross-site scripting (XSS) vulnerability in the Ajax Timeline module prior to 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.
Ajax Timeline Project Ajax Timeline
NA
CVE-2012-5853
SQL injection vulnerability in the "the_search_function" function in cardoza_ajax_search.php in the AJAX Post Search (cardoza-ajax-search) plugin prior to 1.3 for WordPress allows remote malicious users to execute arbitrary SQL commands via the srch_txt parameter in a &...
Ajax Search Project Ajax Search
6.1
CVSSv3
CVE-2023-1420
The Ajax Search Lite WordPress plugin prior to 4.11.1, Ajax Search Pro WordPress plugin prior to 4.26.2 does not sanitise and escape a parameter before outputting it back in a response of an AJAX action, leading to a Reflected Cross-Site Scripting which could be used against high...
Ajax Search Project Ajax Search
6.1
CVSSv3
CVE-2023-1435
The Ajax Search Pro WordPress plugin prior to 4.26.2 does not sanitise and escape various parameters before outputting them back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Ajax Search Project Ajax Search
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »