Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-0209
Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by FTP between November 2011 and February 2012, contains an externally introduced modification (Trojan Horse) in templates/javascript/open_calendar.js, which allows remote malicious u...
Horde Groupware 1.2.10
Horde Horde 3.3.12
1 EDB exploit
NA
CVE-2012-1153
Unrestricted file upload vulnerability in addons/uploadify/uploadify.php in appRain CMF 0.1.5 and previous versions allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the ...
Apprain Apprain 0.1.3
Apprain Apprain 0.1.2
Apprain Apprain 0.1.1
Apprain Apprain 0.1.0
Apprain Apprain
Apprain Apprain 0.1.4
2 EDB exploits
NA
CVE-2012-1198
base_ag_main.php in Basic Analysis and Security Engine (BASE) 1.4.5 allows remote malicious users to execute arbitrary code by uploading contents of the file with an executable extension via a create action, then accessing it via a view action.
Secureideas Basic Analysis And Security Engine 1.4.5
1 EDB exploit
NA
CVE-2006-1114
Multiple directory traversal vulnerabilities in Loudblog prior to 0.42 allow remote malicious users to read or include arbitrary files via a .. (dot dot) and trailing %00 (NULL) byte in the (1) template and (2) page parameters in (a) index.php, and the (3) language parameter in (...
Gerrit Van Aaken Loudblog 0.41
2 EDB exploits
8
CVSSv3
CVE-2013-6234
Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI prior to 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, a...
Eng Spagobi
1 EDB exploit
NA
CVE-2001-1346
Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp.
Ca Arcserve Backup 6.63
Broadcom Arcserve Backup 6.61
2 EDB exploits
NA
CVE-1999-0467
The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote malicious user to read arbitrary files using the "template" parameter.
Webcom Cgi Guestbook
2 EDB exploits
NA
CVE-2008-6936
Argument injection vulnerability in Exodus 0.10 allows remote malicious users to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in a pres:// URI, a different vector than CVE-2008-6935.
Jabber Exodus 0.10
2 EDB exploits
NA
CVE-1999-0287
Vulnerability in the Wguest CGI program.
Webcom Cgi Guestbook
2 EDB exploits
NA
CVE-2010-3714
The jumpUrl (aka access tracking) implementation in tslib/class.tslib_fe.php in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote malicious users to read a...
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.0
Typo3 Typo3 4.3.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.4.3
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.6
Typo3 Typo3 4.4
Typo3 Typo3 4.4.1
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »