Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
egix vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-5318
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin 1.2 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with a double extension, then accessing it via a direct request to the file in ...
Kishore Asokan Kish Guest Posting Plugin 1.2
1 EDB exploit
6.1
CVSSv3
CVE-2015-7711
Cross-site scripting (XSS) vulnerability in popuphelp.php in ATutor 2.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the h parameter.
Atutor Atutor
NA
CVE-2008-4453
The GdPicture (1) Light Imaging Toolkit 4.7.1 GdPicture4S.Imaging ActiveX control (gdpicture4s.ocx) 4.7.0.1 and (2) Pro Imaging SDK 5.7.1 GdPicturePro5S.Imaging ActiveX control (gdpicturepro5s.ocx) 5.7.0.1 allows remote malicious users to create, overwrite, and modify arbitrary f...
Dspicture Light Imaging Toolkit 4.7.1
Dspicture Pro Imaging Sdk 5.7.1
1 EDB exploit
NA
CVE-2008-4645
plugins/event_tracer/event_list.php in PhpWebGallery 1.7.2 and previous versions allows remote authenticated administrators to execute arbitrary PHP code via PHP sequences in the sort parameter, which is processed by create_function.
Phpwebgallery Phpwebgallery 1.4.1
Phpwebgallery Phpwebgallery 1.1
Phpwebgallery Phpwebgallery 1.5.0
Phpwebgallery Phpwebgallery 1.6.0
Phpwebgallery Phpwebgallery 1.6.2
Phpwebgallery Phpwebgallery 1.3.4
Phpwebgallery Phpwebgallery 1.6.1
Phpwebgallery Phpwebgallery 1.3.2
Phpwebgallery Phpwebgallery 1.3.3
Phpwebgallery Phpwebgallery 1.5.2
Phpwebgallery Phpwebgallery 1.5.1
Phpwebgallery Phpwebgallery 1.3.0
Phpwebgallery Phpwebgallery 1.4.0
Phpwebgallery Phpwebgallery 1.7.0
Phpwebgallery Phpwebgallery 1.0
Phpwebgallery Phpwebgallery 1.2.1
Phpwebgallery Phpwebgallery 1.3.1
Phpwebgallery Phpwebgallery
Phpwebgallery Phpwebgallery 1.7.1
1 EDB exploit
NA
CVE-2012-1125
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin prior to 1.2 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with a PHP extension, then accessing it via a direct request to the fi...
Kishore Asokan Kish Guest Posting Plugin
Kishore Asokan Kish Guest Posting Plugin 1.0
1 EDB exploit
NA
CVE-2013-3213
Multiple SQL injection vulnerabilities in vTiger CRM 5.0.0 up to and including 5.4.0 allow remote malicious users to execute arbitrary SQL commands via the (1) picklist_name parameter in the get_picklists method to soap/customerportal.php, (2) where parameter in the get_tickets_l...
Vtiger Vtiger Crm 5.0.0
Vtiger Vtiger Crm 5.4.0
Vtiger Vtiger Crm 5.0.4
Vtiger Vtiger Crm 5.0.1
Vtiger Vtiger Crm 5.2.0
Vtiger Vtiger Crm 5.1.0
Vtiger Vtiger Crm 5.0.3
Vtiger Vtiger Crm 5.3.0
Vtiger Vtiger Crm 5.2.1
Vtiger Vtiger Crm 5.0.2
1 EDB exploit
8.1
CVSSv3
CVE-2013-3212
vtiger CRM 5.4.0 and previous versions contain local file-include vulnerabilities in 'customerportal.php' which allows remote malicious users to view files and execute local script code.
Vtiger Vtiger Crm
1 EDB exploit
9.8
CVSSv3
CVE-2013-3215
vtiger CRM 5.4.0 and previous versions contain an Authentication Bypass Vulnerability due to improper authentication validation in the validateSession function.
Vtiger Vtiger Crm
1 EDB exploit
NA
CVE-2014-8790
XML external entity (XXE) vulnerability in admin/api.php in GetSimple CMS 3.1.1 up to and including 3.3.x prior to 3.3.5 Beta 1, when in certain configurations, allows remote malicious users to read arbitrary files via the data parameter.
Get-simple Getsimple Cms 3.3.2
Get-simple Getsimple Cms 3.2
Cagintranetworks Getsimple Cms 3.3.3
Cagintranetworks Getsimple Cms 3.3.4
Get-simple Getsimple Cms 3.1.1
Get-simple Getsimple Cms 3.1.2
Get-simple Getsimple Cms 3.2.1
Get-simple Getsimple Cms 3.2.2
Get-simple Getsimple Cms 3.3.0
Get-simple Getsimple Cms 3.2.3
Get-simple Getsimple Cms 3.3.1
9.8
CVSSv3
CVE-2014-3990
The Cart::getProducts method in system/library/cart.php in OpenCart 1.5.6.4 and previous versions allows remote malicious users to conduct server-side request forgery (SSRF) attacks or possibly conduct XML External Entity (XXE) attacks and execute arbitrary code via a crafted ser...
Opencart Opencart
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »