Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
andrea fabrizi vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2009-4554
Multiple cross-site scripting (XSS) vulnerabilities in Snitz Forums 2000 3.4.07 allow remote malicious users to inject arbitrary web script or HTML via (1) the url parameter to pop_send_to_friend.asp, related to a crafted onload attribute of an IMG element; or (2) an onload attri...
Snitz Communications Snitz Forums 2000 3.4.07
3 EDB exploits
755
VMScore
CVE-2013-6987
Multiple directory traversal vulnerabilities in the FileBrowser components in Synology DiskStation Manager (DSM) prior to 4.3-3810 Update 3 allow remote malicious users to read, write, and delete arbitrary files via a .. (dot dot) in the (1) path parameter to file_delete.cgi or (...
Synology Diskstation Manager 4.3-3810
1 EDB exploit
1 Github repository
505
VMScore
CVE-2013-3585
Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent malicious users to obtain sensitive information via vectors involving (1) direct access to a file or (2) the user-setup web page.
Samsung Smart Viewer -
1 EDB exploit
755
VMScore
CVE-2009-4742
Multiple SQL injection vulnerabilities in Docebo 3.6.0.3 allow remote malicious users to execute arbitrary SQL commands via (1) the word parameter in a play help action to the faq module, reachable through index.php; (2) the word parameter in a play keyw action to the link module...
Docebo Docebo 3.6.0.3
1 EDB exploit
505
VMScore
CVE-2009-3828
The web interface for Everfocus EDR1600 DVR allows remote malicious users to bypass authentication and access live cams via certain vectors.
Everfocus Edr1600
1 EDB exploit
755
VMScore
CVE-2005-0999
SQL injection vulnerability in the Top module for PHP-Nuke 6.x up to and including 7.6 allows remote malicious users to execute arbitrary SQL commands via the querylang parameter.
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.5 Rc1
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 7.5
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.4
1 EDB exploit
405
VMScore
CVE-2011-5028
Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1_938 and previous versions, as used in Novell Sentinel prior to 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter...
Novell Sentinel Log Manager
1 EDB exploit
765
VMScore
CVE-2013-3586
Samsung Web Viewer for Samsung DVR devices allows remote malicious users to bypass authentication via an arbitrary SessionID value in a cookie.
Samsung Smart Viewer -
Samsung Dvr -
1 EDB exploit
760
VMScore
CVE-2009-4571
Multiple SQL injection vulnerabilities in index.php in PhpShop 0.8.1 allow remote malicious users to execute arbitrary SQL commands via the (1) module_id parameter in an admin/function_list action, the (2) vendor_id parameter in a vendor/vendor_form action, the (3) module_id para...
Phpshop Phpshop 0.8.1
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started