Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arora vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-1100
Integer overflow in Arora allows remote malicious users to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25.
Arora-browser Arora
NA
CVE-2011-3367
Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote malicious users to spoof the common name (CN) of a certificate via rich text.
Arora-browser Arora 0.11.0
4.8
CVSSv3
CVE-2023-24386
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Karishma Arora AI Contact Us Form plugin <= 1.0 versions.
Ai Contact Us Form Project Ai Contact Us Form
9.8
CVSSv3
CVE-2023-34027
Deserialization of Untrusted Data vulnerability in Rajnish Arora Recently Viewed Products.This issue affects Recently Viewed Products: from n/a up to and including 1.0.0.
Rajarora795 Recently Viewed Products
NA
CVE-2007-6455
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Mambo 4.6.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) Itemid parameter in a com_frontpage option and the (2) option parameter.
Mambo Mambo 4.6.2
1 EDB exploit
6.1
CVSSv3
CVE-2021-3186
A Stored Cross-site scripting (XSS) vulnerability in /main.html Wifi Settings in Tenda AC5 AC1200 version V15.03.06.47_multi allows remote malicious users to inject arbitrary web script or HTML via the Wifi Name parameter.
Tenda Ac1200 Firmware 15.03.06.47 Multi
NA
CVE-2008-4741
Directory traversal vulnerability in index.php in FAR-PHP 1.00, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the c parameter.
Far-php Far-php 1.00
1 EDB exploit
NA
CVE-2010-3125
Untrusted search path vulnerability in TeamMate Audit Management Software Suite 8.0 patch 2 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc71enu.dll that is located in the same folder as a .tmx ...
Wolterskluwer Teammate Audit Management Software Suite 8.0
1 EDB exploit
NA
CVE-2010-3139
Untrusted search path vulnerability in Microsoft Windows Progman Group Converter (grpconv.exe) allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse imm.dll that is located in the same folder as a .grp fi...
Microsoft Windows
1 EDB exploit
NA
CVE-2010-3145
Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working directory, as demonstrated by ...
Microsoft Windows Vista
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »