Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dsecrg vulnerabilities and exploits
(subscribe to this query)
470
VMScore
CVE-2009-1553
Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote malicious users to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) ...
Oracle Glassfish Server 2.1
8 EDB exploits
450
VMScore
CVE-2008-3315
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.10 allow remote malicious users to inject arbitrary web script or HTML via the (1) query string to (a) announcements/messages.php; (b) lostPassword.php and (c) profile.php in auth/; (d) calendar/myagenda.php; (e...
Claroline Claroline 1.8.10
4 EDB exploits
440
VMScore
CVE-2009-0038
Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 up to and including 2.1.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description...
Apache Geronimo 2.1.2
Apache Geronimo 2.1.1
Apache Geronimo 2.1.3
Apache Geronimo 2.1
2 EDB exploits
685
VMScore
CVE-2008-6253
Directory traversal vulnerability in data/inc/lib/pcltar.lib.php in Pluck 4.5.3, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the g_pcltar_lib_dir parameter.
Pluck-cms Pluck 4.5.3
1 EDB exploit
645
VMScore
CVE-2008-2820
Directory traversal vulnerability in lang/lang-system.php in Open Azimyt CMS 0.22 minimal and 0.21 stable allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Azimyt Open Azimyt Cms 0.21 Stable
Azimyt Open Azimyt Cms 0.22 Minimal
1 EDB exploit
435
VMScore
CVE-2008-2421
Cross-site scripting (XSS) vulnerability in the Web GUI in SAP Web Application Server (WAS) 7.0, Web Dynpro for ABAP (aka WD4A or WDA), and Web Dynpro for BSP allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to the default URI under bc/gui/sa...
Sap Sap Web Application Server 7.0
Sap Web Dynpro Abap
Sap Web Dynpro Bsp
1 EDB exploit
945
VMScore
CVE-2008-5518
Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 up to and including 2.1.3 on Windows allow remote malicious users to upload files to arbitrary directories via directory traversal sequences in the (1) group, ...
Apache Geronimo 2.1
Apache Geronimo 2.1.2
Apache Geronimo 2.1.3
Apache Geronimo 2.1.1
1 EDB exploit
685
VMScore
CVE-2008-3365
Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on Windows, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language_full parameter.
Pixelpost Pixelpost 1.7.1
1 EDB exploit
755
VMScore
CVE-2008-3384
Multiple directory traversal vulnerabilities in help/help.php in Interact Learning Community Environment Interact 2.4.1 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) module and (2) file parameters.
Cce-interact Interact 2.4.1
1 EDB exploit
685
VMScore
CVE-2008-3390
Directory traversal vulnerability in libraries/general.init.php in Minishowcase Image Gallery 09b136, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Minishowcase Minishowcase Image Gallery 09b136
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »