Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dsecrg vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-1553
Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote malicious users to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) ...
Oracle Glassfish Server 2.1
8 EDB exploits
4.3
CVSSv2
CVE-2008-3315
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.10 allow remote malicious users to inject arbitrary web script or HTML via the (1) query string to (a) announcements/messages.php; (b) lostPassword.php and (c) profile.php in auth/; (d) calendar/myagenda.php; (e...
Claroline Claroline 1.8.10
4 EDB exploits
4.3
CVSSv2
CVE-2009-0038
Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 up to and including 2.1.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description...
Apache Geronimo 2.1.2
Apache Geronimo 2.1.1
Apache Geronimo 2.1.3
Apache Geronimo 2.1
2 EDB exploits
4.3
CVSSv2
CVE-2008-2421
Cross-site scripting (XSS) vulnerability in the Web GUI in SAP Web Application Server (WAS) 7.0, Web Dynpro for ABAP (aka WD4A or WDA), and Web Dynpro for BSP allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to the default URI under bc/gui/sa...
Sap Sap Web Application Server 7.0
Sap Web Dynpro Abap
Sap Web Dynpro Bsp
1 EDB exploit
7.5
CVSSv2
CVE-2008-2482
Directory traversal vulnerability in install_mod.php in insanevisions OneCMS 2.5 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the load parameter in a go action.
Insanevisions Onecms 2.5
1 EDB exploit
4.3
CVSSv2
CVE-2008-3404
Cross-site scripting (XSS) vulnerability in guestbook.js.php in MJGuest 6.8 GT allows remote malicious users to inject arbitrary web script or HTML via the link parameter.
Mdsjack Mjguest 6.8
1 EDB exploit
4.3
CVSSv2
CVE-2009-1554
Cross-site scripting (XSS) vulnerability in ThemeServlet.java in Sun Woodstock 4.2, as used in Sun GlassFish Enterprise Server and other products, allows remote malicious users to inject arbitrary web script or HTML via a UTF-7 string in the PATH_INFO, which is displayed on the 4...
Sun Woodstock 4.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-3363
Directory traversal vulnerability in user_portal.php in the Dokeos E-Learning System 1.8.5 on Windows allows remote malicious users to include and execute arbitrary local files via a ..\ (dot dot backslash) in the include parameter.
Dokeos E-learning System 1.8.5
1 EDB exploit
4.3
CVSSv2
CVE-2008-2496
Multiple cross-site scripting (XSS) vulnerabilities in Quate CMS 0.3.4 allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) login.php, and (3) credits.php in admin/, and (4) upgrade/index.php.
Quate Quate Cms 0.3.4
1 EDB exploit
6.8
CVSSv2
CVE-2008-6884
Multiple directory traversal vulnerabilities in XOOPS 2.3.1, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the xoopsConfig[language] parameter to (1) blocks.php and (2) main.php in xoops_lib/modul...
Xoops Xoops 2.3.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »