Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
andrea fabrizi vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-4554
Multiple cross-site scripting (XSS) vulnerabilities in Snitz Forums 2000 3.4.07 allow remote malicious users to inject arbitrary web script or HTML via (1) the url parameter to pop_send_to_friend.asp, related to a crafted onload attribute of an IMG element; or (2) an onload attri...
Snitz Communications Snitz Forums 2000 3.4.07
3 EDB exploits
5
CVSSv2
CVE-2009-3828
The web interface for Everfocus EDR1600 DVR allows remote malicious users to bypass authentication and access live cams via certain vectors.
Everfocus Edr1600
1 EDB exploit
5
CVSSv2
CVE-2013-3585
Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent malicious users to obtain sensitive information via vectors involving (1) direct access to a file or (2) the user-setup web page.
Samsung Smart Viewer -
1 EDB exploit
7.5
CVSSv2
CVE-2009-4742
Multiple SQL injection vulnerabilities in Docebo 3.6.0.3 allow remote malicious users to execute arbitrary SQL commands via (1) the word parameter in a play help action to the faq module, reachable through index.php; (2) the word parameter in a play keyw action to the link module...
Docebo Docebo 3.6.0.3
1 EDB exploit
7.6
CVSSv2
CVE-2013-3586
Samsung Web Viewer for Samsung DVR devices allows remote malicious users to bypass authentication via an arbitrary SessionID value in a cookie.
Samsung Smart Viewer -
Samsung Dvr -
1 EDB exploit
7.5
CVSSv2
CVE-2013-6987
Multiple directory traversal vulnerabilities in the FileBrowser components in Synology DiskStation Manager (DSM) prior to 4.3-3810 Update 3 allow remote malicious users to read, write, and delete arbitrary files via a .. (dot dot) in the (1) path parameter to file_delete.cgi or (...
Synology Diskstation Manager 4.3-3810
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2005-0999
SQL injection vulnerability in the Top module for PHP-Nuke 6.x up to and including 7.6 allows remote malicious users to execute arbitrary SQL commands via the querylang parameter.
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.5 Rc1
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 7.5
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.4
1 EDB exploit
4
CVSSv2
CVE-2011-5028
Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1_938 and previous versions, as used in Novell Sentinel prior to 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter...
Novell Sentinel Log Manager
1 EDB exploit
7.5
CVSSv2
CVE-2009-4571
Multiple SQL injection vulnerabilities in index.php in PhpShop 0.8.1 allow remote malicious users to execute arbitrary SQL commands via the (1) module_id parameter in an admin/function_list action, the (2) vendor_id parameter in a vendor/vendor_form action, the (3) module_id para...
Phpshop Phpshop 0.8.1
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started