Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ashiyane digital security team vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2013-6873
SQL injection vulnerability in Testa Online Test Management System (OTMS) 2.0.0.2 allows remote malicious users to execute arbitrary SQL commands via the test_id parameter.
Testa Online Test Management System 2.0.0.2
1 EDB exploit
755
VMScore
CVE-2012-6653
Unspecified vulnerability in the All Video Gallery (all-video-gallery) plugin prior to 1.2.0 for WordPress has unspecified impact and attack vectors.
All Video Gallery Plugin Project All Video Gallery Plugin 1.0.0
All Video Gallery Plugin Project All Video Gallery Plugin
1 EDB exploit
755
VMScore
CVE-2013-7187
SQL injection vulnerability in form.php in the FormCraft plugin 1.3.7 and previous versions for WordPress allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Ncrafts Formcraft 1.3.1
Ncrafts Formcraft 1.3
Ncrafts Formcraft
Ncrafts Formcraft 1.3.6
Ncrafts Formcraft 1.2.1
Ncrafts Formcraft 1.2
Ncrafts Formcraft 1.3.3
Ncrafts Formcraft 1.3.2
Ncrafts Formcraft 1.3.5
Ncrafts Formcraft 1.3.4
Ncrafts Formcraft 1.1
1 EDB exploit
435
VMScore
CVE-2005-2077
Cross-site scripting (XSS) vulnerability in error.asp for Hosting Controller allows remote malicious users to inject arbitrary web script or HTML via the error parameter.
Hosting Controller Hosting Controller 1.1
Hosting Controller Hosting Controller 6.1 Hotfix 1.7
Hosting Controller Hosting Controller 6.1 Hotfix 1.9
Hosting Controller Hosting Controller 1.4.1
Hosting Controller Hosting Controller 1.4b
Hosting Controller Hosting Controller 6.1
Hosting Controller Hosting Controller 6.1 Hotfix 1.4
Hosting Controller Hosting Controller 1.3
Hosting Controller Hosting Controller 1.4
Hosting Controller Hosting Controller 6.1 Hotfix 2.0
1 EDB exploit
755
VMScore
CVE-2013-3530
SQL injection vulnerability in playlist.php in the Spiffy XSPF Player plugin 0.1 for WordPress allows remote malicious users to execute arbitrary SQL commands via the playlist_id parameter.
Fabricio Zuardi Xspf Player Plugin 0.1
1 EDB exploit
755
VMScore
CVE-2013-3532
SQL injection vulnerability in settings.php in the Web Dorado Spider Video Player plugin 2.1 for WordPress allows remote malicious users to execute arbitrary SQL commands via the theme parameter.
Webdorado Spider Video Player 2.1
1 EDB exploit
685
VMScore
CVE-2013-5961
Unrestricted file upload vulnerability in lazyseo.php in the Lazy SEO plugin 1.1.9 for WordPress allows remote malicious users to execute arbitrary PHP code by uploading a PHP file, then accessing it via a direct request to the file in lazy-seo/.
Danny Morris Lazy Seo 1.1.9
1 EDB exploit
505
VMScore
CVE-2014-9119
Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and previous versions for Wordpress allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Db Backup Project Db Backup
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started