Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ariko-security vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2010-4631
Multiple cross-site scripting (XSS) vulnerabilities in ASPilot Pilot Cart 7.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) countrycode parameter to contact.asp, USERNAME parameter to (2) gateway.asp and (3) cart.asp, and the specific parameter t...
Pilotcart Pilot Cart 7.3
1 EDB exploit
7.5
CVSSv2
CVE-2010-4632
Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote malicious users to execute arbitrary SQL commands via the (1) article parameter to kb.asp, (2) specific parameter to cart.asp, (3) countrycode parameter to contact.asp, and the (4) srch parameter to sea...
Pilotcart Pilot Cart 7.3
1 EDB exploit
4.3
CVSSv2
CVE-2012-4928
Cross-site scripting (XSS) vulnerability in ow_updates/index.php in Oxwall 1.1.1 allows remote malicious users to inject arbitrary web script or HTML via the plugin parameter.
Oxwall Oxwall 1.1.1
1 EDB exploit
4.3
CVSSv2
CVE-2012-0872
Multiple cross-site scripting (XSS) vulnerabilities in OxWall 1.1.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) captchaField, (2) email, (3) form_name, (4) password, (5) realname, (6) repeatPassword, or (7) username parame...
Oxwall Oxwall
7.5
CVSSv2
CVE-2010-2317
Multiple SQL injection vulnerabilities in WmsCms 2.0 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) search, (2) sbr, (3) pid, (4) sbl, and (5) FilePath parameters to default.asp; and the (6) sbr, (7) pr, and (8) psPrice parameters...
Wmsdesign Wmscms
1 EDB exploit
7.5
CVSSv2
CVE-2010-0671
SQL injection vulnerability in index.php in KR MEDIA Pogodny CMS allows remote malicious users to execute arbitrary SQL commands via the id parameter in a niusy action.
Michalin Kr Media Pogodny Cms
1 EDB exploit
4.3
CVSSv2
CVE-2010-2316
Multiple cross-site scripting (XSS) vulnerabilities in default.asp in WmsCms 2.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) search, (2) sbr, (3) p, and (4) sbl parameters, different vectors than CVE-2007-3137.
Wmsdesign Wmscms
1 EDB exploit
7.5
CVSSv2
CVE-2008-2688
SQL injection vulnerability in pilot.asp in ASPilot Pilot Cart 7.3 allows remote malicious users to execute arbitrary SQL commands via the article parameter in a kb action.
Pilotcart Pilot Cart 7.3
2 EDB exploits
7.5
CVSSv2
CVE-2014-9558
Multiple SQL injection vulnerabilities in SmartCMS v.2.
Smartcms Smartcms 2.0
1 EDB exploit
4.3
CVSSv2
CVE-2007-3137
Multiple cross-site scripting (XSS) vulnerabilities in 4print.asp in WmsCMS 2.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) sbl, (2) sbr, or (3) search parameter. NOTE: the original disclosure claims the pageid parameter i...
Webmaster Solutions Wmscms 2.0
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started