Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ariko-security vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4631
Multiple cross-site scripting (XSS) vulnerabilities in ASPilot Pilot Cart 7.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) countrycode parameter to contact.asp, USERNAME parameter to (2) gateway.asp and (3) cart.asp, and the specific parameter t...
Pilotcart Pilot Cart 7.3
1 EDB exploit
NA
CVE-2010-4632
Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote malicious users to execute arbitrary SQL commands via the (1) article parameter to kb.asp, (2) specific parameter to cart.asp, (3) countrycode parameter to contact.asp, and the (4) srch parameter to sea...
Pilotcart Pilot Cart 7.3
1 EDB exploit
NA
CVE-2012-4928
Cross-site scripting (XSS) vulnerability in ow_updates/index.php in Oxwall 1.1.1 allows remote malicious users to inject arbitrary web script or HTML via the plugin parameter.
Oxwall Oxwall 1.1.1
1 EDB exploit
NA
CVE-2012-0872
Multiple cross-site scripting (XSS) vulnerabilities in OxWall 1.1.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) captchaField, (2) email, (3) form_name, (4) password, (5) realname, (6) repeatPassword, or (7) username parame...
Oxwall Oxwall
NA
CVE-2010-2317
Multiple SQL injection vulnerabilities in WmsCms 2.0 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) search, (2) sbr, (3) pid, (4) sbl, and (5) FilePath parameters to default.asp; and the (6) sbr, (7) pr, and (8) psPrice parameters...
Wmsdesign Wmscms
1 EDB exploit
NA
CVE-2010-0671
SQL injection vulnerability in index.php in KR MEDIA Pogodny CMS allows remote malicious users to execute arbitrary SQL commands via the id parameter in a niusy action.
Michalin Kr Media Pogodny Cms
1 EDB exploit
NA
CVE-2010-2316
Multiple cross-site scripting (XSS) vulnerabilities in default.asp in WmsCms 2.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) search, (2) sbr, (3) p, and (4) sbl parameters, different vectors than CVE-2007-3137.
Wmsdesign Wmscms
1 EDB exploit
NA
CVE-2008-2688
SQL injection vulnerability in pilot.asp in ASPilot Pilot Cart 7.3 allows remote malicious users to execute arbitrary SQL commands via the article parameter in a kb action.
Pilotcart Pilot Cart 7.3
2 EDB exploits
9.8
CVSSv3
CVE-2014-9558
Multiple SQL injection vulnerabilities in SmartCMS v.2.
Smartcms Smartcms 2.0
1 EDB exploit
NA
CVE-2007-3137
Multiple cross-site scripting (XSS) vulnerabilities in 4print.asp in WmsCMS 2.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) sbl, (2) sbr, or (3) search parameter. NOTE: the original disclosure claims the pageid parameter i...
Webmaster Solutions Wmscms 2.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started