Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
benjamin harris vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-5520
SQL injection vulnerability in XRMS CRM, possibly 1.99.2, allows remote malicious users to execute arbitrary SQL commands via the user_id parameter to plugins/webform/new-form.php, which is not properly handled by plugins/useradmin/fingeruser.php.
Xrms Crm Project Xrms Crm 1.99.2
1 EDB exploit
NA
CVE-2014-5519
The Ploticus module in PhpWiki 1.5.0 allows remote malicious users to execute arbitrary code via shell metacharacters in a device option in the edit[content] parameter to index.php/HeIp. NOTE: some of these details are obtained from third party information.
Phpwiki Project Phpwiki 1.5.0
1 EDB exploit
NA
CVE-2014-5521
plugins/useradmin/fingeruser.php in XRMS CRM, possibly 1.99.2, allows remote authenticated users to execute arbitrary code via shell metacharacters in the username parameter.
Xrms Crm Project Xrms Crm 1.99.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started