Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aloyce j. makalanga vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2017-17968
A buffer overflow vulnerability in NetTransport.exe in NetTransport Download Manager 2.96L and previous versions could allow remote HTTP servers to execute arbitrary code on NAS devices via a long HTTP response.
Xi-soft Nettransport Download Manager
1 EDB exploit
435
VMScore
CVE-2017-17752
Ability Mail Server 3.3.2 has Cross Site Scripting (XSS) via the body of an e-mail message, with JavaScript code executed on the Read Mail screen (aka the /_readmail URI). This is fixed in version 4.2.4.
Codecrafters Ability Mail Server 3.3.2
1 EDB exploit
641
VMScore
CVE-2018-20331
Local attackers can trigger a Kernel Pool Buffer Overflow in Antiy AVL ATool v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x...
Antiy Anti Virus Lab Atool 1.0.0.22
383
VMScore
CVE-2019-9557
Ability Mail Server 4.2.6 has Persistent Cross Site Scripting (XSS) via the body e-mail body. To exploit the vulnerability, the victim must open an email with malicious Javascript inserted into the body of the email as an iframe.
Codecrafters Ability Mail Server 4.2.6
383
VMScore
CVE-2017-17933
cgi/surgeftpmgr.cgi (aka the Web Manager interface on TCP port 7021 or 9021) in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username parameter.
Netwin Surgeftp 23f2
383
VMScore
CVE-2018-6943
core/lib/upload/um-image-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable.
Ultimatemember Ultimatemember 2.0
383
VMScore
CVE-2019-9558
Mailtraq WebMail version 2.17.7.3550 has Persistent Cross Site Scripting (XSS) via the body of an e-mail message. To exploit the vulnerability, the victim must open an email with malicious Javascript inserted into the body of the email as an iframe.
Mailtraq Webmail 2.17.7.3550
383
VMScore
CVE-2018-6944
core/lib/upload/um-file-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable.
Ultimatemember Ultimate Member 2.0
1000
VMScore
CVE-2017-17849
A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and previous versions could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response.
Getgosoft Getgo Download Manager
2 EDB exploits
1000
VMScore
CVE-2017-17932
A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and previous versions that could allow remote malicious users to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888.
Allmediaserver Allmediaserver
3 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started