Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-3030
Cross-site request forgery (CSRF) vulnerability in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote malicious users to hijack the authentication of administrators for requests that change the administrative password. NOTE: the provenance of this information is un...
Tomaz-muraus Open Blog 1.2.1
1 EDB exploit
NA
CVE-2010-4152
SQL injection vulnerability in catalog/index.shtml in 4site CMS 2.6, and possibly earlier, allows remote malicious users to execute arbitrary SQL commands via the cat parameter. NOTE: the i and th vectors are already covered by CVE-2009-0646.
4site 4site Cms
4site 4site Cms 2.2
4site 4site Cms 2.0
1 EDB exploit
NA
CVE-2010-4185
SQL injection vulnerability in index.php in Energine, possibly 2.3.8 and previous versions, allows remote malicious users to execute arbitrary SQL commands via the NRGNSID cookie.
Energine Energine 2.1
Energine Energine
Energine Energine 2.2
1 EDB exploit
NA
CVE-2010-4613
Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the site parameter to (1) index.php and (2) admin.php.
Hycus Hycus Cms 1.0.3
1 EDB exploit
NA
CVE-2010-4781
index.php in Enano CMS 1.1.7pl1, and possibly other versions prior to 1.1.8, 1.0.6pl3, and 1.1.7pl2, allows remote malicious users to obtain sensitive information via a crafted title parameter, which reveals the installation path in an error message.
Enanocms Enano Cms 1.1.4
Enanocms Enano Cms 1.1.3
Enanocms Enano Cms 0.8.2
Enanocms Enano Cms 0.8.3
Enanocms Enano Cms 1.0.2
Enanocms Enano Cms 1.0.2b1
Enanocms Enano Cms
Enanocms Enano Cms 1.1.7
Enanocms Enano Cms 1.0.6
Enanocms Enano Cms 0.9.2
Enanocms Enano Cms 0.9.3
Enanocms Enano Cms 1.0.5
Enanocms Enano Cms 1.1.6
Enanocms Enano Cms 1.1.5
Enanocms Enano Cms 0.8.1
Enanocms Enano Cms 1.0
Enanocms Enano Cms 1.0.1
Enanocms Enano Cms 1.1.2
Enanocms Enano Cms 1.1.1
Enanocms Enano Cms 0.8.4
Enanocms Enano Cms 0.9.1
Enanocms Enano Cms 1.0.3
1 EDB exploit
NA
CVE-2011-0407
SQL injection vulnerability in the store function in _phenotype/system/class/PhenoTypeDataObject.class.php in Phenotype CMS 3.0 allows remote malicious users to execute arbitrary SQL commands via a crafted URI, as demonstrated by Gallery/gal_id/1/image1,1.html. NOTE: some of thes...
Phenotype-cms Phenotype Cms 3.0
1 EDB exploit
NA
CVE-2012-4679
Cross-site scripting (XSS) vulnerability in admin/login.php in Newscoop prior to 3.5.5 allows remote malicious users to inject arbitrary web script or HTML via the f_user_name parameter.
Sourcefabric Newscoop 3.5.1
Sourcefabric Newscoop 3.5.0
Sourcefabric Newscoop 3.5.3
Sourcefabric Newscoop 3.5.2
Sourcefabric Newscoop
1 EDB exploit
NA
CVE-2014-2317
SQL injection vulnerability in ajax_udf.php in OpenDocMan prior to 1.2.7.2 allows remote malicious users to execute arbitrary SQL commands via the table parameter. NOTE: some of these details are obtained from third party information.
Opendocman Opendocman 1.2.6.2
Opendocman Opendocman 1.2.7
Opendocman Opendocman 1.2.6.3
Opendocman Opendocman 1.2.6.7
Opendocman Opendocman 1.2.6.6
Opendocman Opendocman 1.2.6.5
Opendocman Opendocman
Opendocman Opendocman 1.2.6.8
1 EDB exploit
NA
CVE-2015-3986
Cross-site request forgery (CSRF) vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress prior to 1.3.9.3 allows remote malicious users to hijack the authentication of administrators for requests that condu...
Thecartpress Thecartpress Ecommerce Shopping Cart
1 EDB exploit
NA
CVE-2010-5318
The password-reset feature in as/index.php in SweetRice CMS prior to 0.6.7.1 allows remote malicious users to modify the administrator's password by specifying the administrator's e-mail address in the email parameter.
Basic-cms Sweetrice 0.6.7.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »