Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arora vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2010-1100
Integer overflow in Arora allows remote malicious users to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25.
Arora-browser Arora
5
CVSSv2
CVE-2011-3367
Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote malicious users to spoof the common name (CN) of a certificate via rich text.
Arora-browser Arora 0.11.0
NA
CVE-2023-24386
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Karishma Arora AI Contact Us Form plugin <= 1.0 versions.
Ai Contact Us Form Project Ai Contact Us Form
NA
CVE-2023-34027
Deserialization of Untrusted Data vulnerability in Rajnish Arora Recently Viewed Products.This issue affects Recently Viewed Products: from n/a up to and including 1.0.0.
Rajarora795 Recently Viewed Products
7.5
CVSSv2
CVE-2008-6213
SQL injection vulnerability in mypage.php in Harlandscripts Pro Traffic One allows remote malicious users to execute arbitrary SQL commands via the trg parameter.
Harlandscripts Pro Traffic One -
1 EDB exploit
NA
CVE-2011-0108
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none
1 EDB exploit
4.3
CVSSv2
CVE-2007-6455
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Mambo 4.6.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) Itemid parameter in a com_frontpage option and the (2) option parameter.
Mambo Mambo 4.6.2
1 EDB exploit
5
CVSSv2
CVE-2008-4741
Directory traversal vulnerability in index.php in FAR-PHP 1.00, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the c parameter.
Far-php Far-php 1.00
1 EDB exploit
7.5
CVSSv2
CVE-2008-7000
PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 allows remote malicious users to execute arbitrary PHP code via a URL in the lan parameter. NOTE: this might be related to CVE-2005-2255.1.
Phpauction Phpauction 3.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-6266
SQL injection vulnerability in links.php in Appalachian State University phpWebSite allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a viewlink action.
Appstate Phpwebsite 0.9.3-3
Appstate Phpwebsite 0.9.3-2
Appstate Phpwebsite 0.9.3-4
Appstate Phpwebsite 0.9.3-1
Appstate Phpwebsite 0.9.3
Appstate Phpwebsite 0.8.3
Appstate Phpwebsite 0.8.2
Appstate Phpwebsite 0.7.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »