Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
answer answer vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2009-1664
myaccount.php in Easy Scripts Answer and Question Script does not verify the original password before changing passwords, which allows remote malicious users to change the password of other users and gain privileges via modified userid, txtpassword, and txtRpassword parameters.
Easy-scripts Answer And Question Script
1 EDB exploit
645
VMScore
CVE-2009-1665
myaccount.php in Easy Scripts Answer and Question Script allows remote malicious users to remove arbitrary user accounts via a modified userid parameter without specifying any additional fields.
Easy-scripts Answer And Question Script
1 EDB exploit
435
VMScore
CVE-2009-1654
Cross-site scripting (XSS) vulnerability in questiondetail.php in Easy Scripts Answer and Question Script allows remote malicious users to inject arbitrary web script or HTML via the questionid parameter.
Easy-scripts Answer And Question Script
1 EDB exploit
655
VMScore
CVE-2009-1655
Multiple SQL injection vulnerabilities in myaccount.php in Easy Scripts Answer and Question Script allow remote authenticated users to execute arbitrary SQL commands via the (1) user name (userid parameter) and (2) password.
Easy-scripts Answer And Question Script
1 EDB exploit
755
VMScore
CVE-2017-17871
The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter.
Jextn Jextn Question And Answer 3.1.0
1 EDB exploit
445
VMScore
CVE-2012-4257
Yaqas (Yet Another Question & Answer System) 1.0 Alpha 1 allows remote malicious users to obtain sensitive information via an invalid character in the PHPSESSID, which reveals the installation path in an error message.
George Karpouzas Yet Another Question \\& Answer System 1.0
NA
CVE-2024-29217
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Answer.This issue affects Apache Answer: prior to 1.3.0. XSS attack when user changes personal website. A logged-in user, when modifying their personal website, ...
668
VMScore
CVE-2015-4514
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 42.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Mozilla Firefox
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.0.1
1 Article
445
VMScore
CVE-2020-7962
An issue exists in One Identity Password Manager 5.8. An attacker could enumerate valid answers for a user. It is possible for an malicious user to detect a valid answer based on the HTTP response content, and reuse this answer later for a password reset on a chosen password. The...
Oneidentity Password Manager 5.8
668
VMScore
CVE-2017-9109
An issue exists in adns prior to 1.5.2. It fails to ignore apparent answers before the first RR that was found the first time. when this is fixed, the second answer scan finds the same RRs at the first. Otherwise, adns can be confused by interleaving answers for the CNAME target,...
Gnu Adns
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 32
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »