Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
directory pro vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2006-5905
Web Directory Pro allows remote malicious users to (1) backup the database and obtain the backup via a direct request to admin/backup_db.php or (2) modify configuration via a direct request to admin/options.php.
Web Directory Pro Web Directory Pro
505
VMScore
CVE-2001-0780
Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote malicious users to gain sensitive information via a .. (dot dot) in the SHOW parameter.
Cosmicperl Directory Pro 2.0
1 EDB exploit
755
VMScore
CVE-2006-6804
SQL injection vulnerability in bus_details.asp in Dragon Business Directory - Pro (aka Dragon Internet Business Search Directory - Pro) 3.01.12 and previous versions allows remote malicious users to execute arbitrary SQL commands via the ID parameter.
Enthrallweb Dragon Business Directory Pro
1 EDB exploit
534
VMScore
CVE-2020-36503
The Connections Business Directory WordPress plugin prior to 9.7 does not validate or sanitise some connections' fields, which could lead to a CSV injection issue
Connections-pro Connections Business Directory
NA
CVE-2023-29437
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Steven A. Zahm Connections Business Directory plugin <= 10.4.36 versions.
Connections-pro Connections Business Directory
312
VMScore
CVE-2021-24794
The Connections Business Directory WordPress plugin prior to 10.4.3 does not escape the Address settings when creating an Entry, which could allow high privilege users to perform Cross-Site Scripting when the unfiltered_html capability is disallowed.
Connections-pro Connections Business Directory
NA
CVE-2020-36666
The directory-pro WordPress plugin prior to 1.9.5, final-user-wp-frontend-user-profiles WordPress plugin prior to 1.2.2, producer-retailer WordPress plugin through TODO, photographer-directory WordPress plugin prior to 1.0.9, real-estate-pro WordPress plugin prior to 1.7.1, insti...
E-plugins Wp Membership
E-plugins Fitness Trainer
E-plugins Hotel Directory
E-plugins Hospital \\& Doctor Directory
E-plugins Lawyer Directory
E-plugins Institutions Directory
E-plugins Real Estate Pro
E-plugins Final User
E-plugins Directory Pro
E-plugins Photographer-directory
E-plugins Producer-retailer -
NA
CVE-2023-37387
Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme Classified Listing plugin <= 2.4.5 versions.
Radiustheme Classified Listing Pro - Classified Ads \\& Business Directory
NA
CVE-2022-2655
The Classified Listing Pro WordPress plugin prior to 2.0.20 does not escape a generated URL before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting
Radiustheme Classified Listing Pro - Classified Ads \\& Business Directory
NA
CVE-2022-2654
The Classima WordPress theme prior to 2.1.11 and some of its required plugins (Classified Listing prior to 2.2.14, Classified Listing Pro prior to 2.0.20, Classified Listing Store & Membership prior to 1.4.20 and Classima Core prior to 1.10) do not escape a parameter before o...
Radiustheme Classima
Radiustheme Classima Core
Radiustheme Classified Listing Store \\& Membership
Radiustheme Classified Listing - Classified Ads \\& Business Directory
Radiustheme Classified Listing Pro - Classified Ads \\& Business Directory
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »