Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arora vulnerabilities and exploits
(subscribe to this query)
935
VMScore
CVE-2010-3139
Untrusted search path vulnerability in Microsoft Windows Progman Group Converter (grpconv.exe) allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse imm.dll that is located in the same folder as a .grp fi...
Microsoft Windows
1 EDB exploit
935
VMScore
CVE-2010-3144
Untrusted search path vulnerability in the Internet Connection Signup Wizard in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse smmscrpt.dll file in the current working directory, as demonstrated by a directory that co...
Microsoft Windows Xp -
Microsoft Windows Xp
Microsoft Windows Server 2003
1 EDB exploit
935
VMScore
CVE-2010-3145
Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working directory, as demonstrated by ...
Microsoft Windows Vista
1 EDB exploit
935
VMScore
CVE-2010-3148
Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privileges via a Trojan horse mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .vsd, .vdx, .vst, or .vtx file, aka "Microsoft Visio In...
Microsoft Visio 2003
1 EDB exploit
505
VMScore
CVE-2008-4741
Directory traversal vulnerability in index.php in FAR-PHP 1.00, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the c parameter.
Far-php Far-php 1.00
1 EDB exploit
755
VMScore
CVE-2008-7000
PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 allows remote malicious users to execute arbitrary PHP code via a URL in the lan parameter. NOTE: this might be related to CVE-2005-2255.1.
Phpauction Phpauction 3.2
1 EDB exploit
NA
CVE-2011-0108
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none
1 EDB exploit
605
VMScore
CVE-2010-1598
phpThumb.php in phpThumb() 1.7.9 and possibly other versions, when ImageMagick is installed, allows remote malicious users to execute arbitrary commands via the fltr[] parameter, as discovered in the wild in April 2010. NOTE: the provenance of this information is unknown; the det...
Silisoftware Phpthumb\\(\\) 1.7.9
1 Github repository
945
VMScore
CVE-2010-3143
Untrusted search path vulnerability in Microsoft Windows Contacts allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32res.dll that is located in the same folder as a .contact, .group, .p7c, .vcf, o...
Microsoft Windows
3 EDB exploits
945
VMScore
CVE-2010-3147
Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a Trojan h...
Microsoft Outlook Express 6.00.2900.5512
Microsoft Windows 2003 Server
Microsoft Windows 7
Microsoft Windows 7 -
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 -
Microsoft Windows Vista
Microsoft Windows Vista -
Microsoft Windows Xp
Microsoft Windows Xp -
3 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2