Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dsecrg vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2008-0609
Directory traversal vulnerability in index.php in DivideConcept VHD Web Pack 2.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Divideconcept Vhd Web Pack 2.0
1 EDB exploit
505
VMScore
CVE-2008-0613
Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the xoops_redirect parameter.
Xoops Xoops 2.0.18
1 EDB exploit
435
VMScore
CVE-2009-1554
Cross-site scripting (XSS) vulnerability in ThemeServlet.java in Sun Woodstock 4.2, as used in Sun GlassFish Enterprise Server and other products, allows remote malicious users to inject arbitrary web script or HTML via a UTF-7 string in the PATH_INFO, which is displayed on the 4...
Sun Woodstock 4.2
1 EDB exploit
755
VMScore
CVE-2008-0231
Multiple directory traversal vulnerabilities in index.php in Tuned Studios (1) Subwoofer, (2) Freeze Theme, (3) Orange Cutout, (4) Lonely Maple, (5) Endless, (6) Classic Theme, and (7) Music Theme webpage templates allow remote malicious users to include and execute arbitrary fil...
Tuned Studios Orange Cutout
Tuned Studios Subwoofer
Tuned Studios Endless
Tuned Studios Freeze Theme
Tuned Studios Lonely Maple
Tuned Studios Music Theme
Tuned Studios Classic Theme
1 EDB exploit
505
VMScore
CVE-2008-1557
BolinOS 4.6.1 allows remote malicious users to obtain sensitive information via a direct request to system/actionspages/_b/contentFiles/gBphpInfo.php, which calls the phpinfo function.
Bolinos Bolinos 4.6.1
1 EDB exploit
645
VMScore
CVE-2007-6546
RunCMS prior to 1.6.1 uses a predictable session id, which makes it easier for remote malicious users to hijack sessions via a modified id.
Runcms Runcms
1 EDB exploit
935
VMScore
CVE-2009-0465
The SaveDoc method in the All_In_The_Box.AllBox ActiveX control in ALL_IN_THE_BOX.OCX in Synactis ALL In-The-Box ActiveX 3 allows remote malicious users to create and overwrite arbitrary files via an argument ending in a '\0' character, which bypasses the intended .box ...
Synactis All In The Box.ocx 3
1 EDB exploit
685
VMScore
CVE-2009-0039
Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 up to and including 2.1.3 allow remote malicious users to hijack the authentication of administrators for requests that (1) change the web admini...
Apache Geronimo 2.1.3
Apache Geronimo 2.1.1
Apache Geronimo 2.1.2
Apache Geronimo 2.1
1 EDB exploit
505
VMScore
CVE-2008-7084
Directory traversal vulnerability in the web server 1.0 in Velocity Security Management System allows remote malicious users to read arbitrary files via a .. (dot dot) in the URI.
Hirschelectronics Velocity Security Management System 1.0
1 EDB exploit
1000
VMScore
CVE-2008-1331
cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 prior to 210/091.001, OXO600 prior to 610/014.001, and other versions, allows remote malicious users to execute arbitrary commands and "obtain OXO resources" via shell metacharacters in the i...
Alcatel-lucent Omnipcx Office
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »