Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
directory pro vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5905
Web Directory Pro allows remote malicious users to (1) backup the database and obtain the backup via a direct request to admin/backup_db.php or (2) modify configuration via a direct request to admin/options.php.
Web Directory Pro Web Directory Pro
NA
CVE-2001-0780
Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote malicious users to gain sensitive information via a .. (dot dot) in the SHOW parameter.
Cosmicperl Directory Pro 2.0
1 EDB exploit
NA
CVE-2006-6804
SQL injection vulnerability in bus_details.asp in Dragon Business Directory - Pro (aka Dragon Internet Business Search Directory - Pro) 3.01.12 and previous versions allows remote malicious users to execute arbitrary SQL commands via the ID parameter.
Enthrallweb Dragon Business Directory Pro
1 EDB exploit
8
CVSSv3
CVE-2020-36503
The Connections Business Directory WordPress plugin prior to 9.7 does not validate or sanitise some connections' fields, which could lead to a CSV injection issue
Connections-pro Connections Business Directory
5.4
CVSSv3
CVE-2023-29437
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Steven A. Zahm Connections Business Directory plugin <= 10.4.36 versions.
Connections-pro Connections Business Directory
4.8
CVSSv3
CVE-2021-24794
The Connections Business Directory WordPress plugin prior to 10.4.3 does not escape the Address settings when creating an Entry, which could allow high privilege users to perform Cross-Site Scripting when the unfiltered_html capability is disallowed.
Connections-pro Connections Business Directory
8.8
CVSSv3
CVE-2020-36666
The directory-pro WordPress plugin prior to 1.9.5, final-user-wp-frontend-user-profiles WordPress plugin prior to 1.2.2, producer-retailer WordPress plugin through TODO, photographer-directory WordPress plugin prior to 1.0.9, real-estate-pro WordPress plugin prior to 1.7.1, insti...
E-plugins Wp Membership
E-plugins Fitness Trainer
E-plugins Hotel Directory
E-plugins Hospital \\& Doctor Directory
E-plugins Lawyer Directory
E-plugins Institutions Directory
E-plugins Real Estate Pro
E-plugins Final User
E-plugins Directory Pro
E-plugins Photographer-directory
E-plugins Producer-retailer -
8.8
CVSSv3
CVE-2023-37387
Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme Classified Listing plugin <= 2.4.5 versions.
Radiustheme Classified Listing Pro - Classified Ads \\& Business Directory
6.1
CVSSv3
CVE-2022-2655
The Classified Listing Pro WordPress plugin prior to 2.0.20 does not escape a generated URL before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting
Radiustheme Classified Listing Pro - Classified Ads \\& Business Directory
6.1
CVSSv3
CVE-2022-2654
The Classima WordPress theme prior to 2.1.11 and some of its required plugins (Classified Listing prior to 2.2.14, Classified Listing Pro prior to 2.0.20, Classified Listing Store & Membership prior to 1.4.20 and Classima Core prior to 1.10) do not escape a parameter before o...
Radiustheme Classima
Radiustheme Classima Core
Radiustheme Classified Listing Store \\& Membership
Radiustheme Classified Listing - Classified Ads \\& Business Directory
Radiustheme Classified Listing Pro - Classified Ads \\& Business Directory
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »