Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aria vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2016-3173
An issue exists in Open-Xchange OX AppSuite prior to 7.8.0-rev27. The aria-label parameter of tiles at the Portal can be used to inject script code. Those labels use the name of the file (e.g. an image) which gets displayed at the portal application. Using script code at the file...
Open-xchange Open-xchange Appsuite
640
VMScore
CVE-2006-5983
Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software DirectAdmin 1.28.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) user parameter to (a) CMD_SHOW_RESELLER or (b) CMD_SHOW_USER in the Admin level; the (2) TYPE parameter to (...
Jbmc Software Directadmin 1.28.1
8 EDB exploits
635
VMScore
CVE-2006-6198
Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the (1) email parameter to (a) scripts2/dochangeemail, the (2) supporturl parameter to (b) cgi/addon_configsupport...
Cpanel Webhost Manager 3.1.0
7 EDB exploits
445
VMScore
CVE-2007-4115
Multiple cross-site scripting (XSS) vulnerabilities in IT!CMS (itcms) 0.2 allow remote malicious users to inject arbitrary web script or HTML via the wndtitle parameter to (1) lang-en.php, (2) menu-ed.php, or (3) titletext-ed.php.
Itcms Itcms 0.2
3 EDB exploits
360
VMScore
CVE-2006-5883
Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote authenticated users to inject arbitrary web script or HTML via the (1) dir parameter in (a) seldir.html, and the (2) user and (3) dir parameters in (b) newuser.html.
Cpanel Cpanel 10
2 EDB exploits
760
VMScore
CVE-2006-6932
Multiple SQL injection vulnerabilities in Image Gallery with Access Database allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to (a) dispimage.asp, or the (2) order or (3) page parameter to (b) default.asp.
Image Gallery With Access Database Image Gallery With Access Database
2 EDB exploits
760
VMScore
CVE-2006-6050
Multiple SQL injection vulnerabilities in ClickTech Texas Rank'em allow remote malicious users to execute arbitrary SQL commands via the (1) selPlayer parameter to player.asp or the (2) tournament_id parameter to tournaments.asp.
Clicktech Texas Rankem
2 EDB exploits
760
VMScore
CVE-2006-6195
Multiple SQL injection vulnerabilities in Fixit iDMS Pro Image Gallery allow remote malicious users to execute arbitrary SQL commands via the (1) show_id or (2) parentid parameter to (a) filelist.asp, or the (3) fid parameter to (b) showfile.asp.
Fixit Knowledge Solutions Idms Pro Image Gallery
2 EDB exploits
760
VMScore
CVE-2006-6247
Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery 1.1 allow remote malicious users to execute arbitrary SQL commands via the ci parameter to (1) slideshow.asp or (2) thumbnails.asp.
Uapplication Uphotogallery 1.1
2 EDB exploits
755
VMScore
CVE-2007-5679
SQL injection vulnerability in index.php in DeeEmm.com DM CMS 0.7.0.Beta allows remote malicious users to execute arbitrary SQL commands via the id parameter in the media page (build_media_content.php). NOTE: it was later reported that 0.7.4 is also affected.
Deeemm Dmcms 0.7.0
Deeemm Dmcms 0.7.4
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »