Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-0989
Cross-site scripting (XSS) vulnerability in OneOrZero AIMS 2.8.0 Trial Edition build231211 and possibly earlier allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to index.php.
Oneorzero Action And Information Management System 2.8.0
1 EDB exploit
NA
CVE-2012-0990
Cross-site request forgery (CSRF) vulnerability in admin/settings/update in DClassifieds 0.1 final allows remote malicious users to hijack the authentication of administrators for requests that modify account settings such as the administrator password or email via certain Settin...
Dclassifieds Dclassifieds 0.1
1 EDB exploit
NA
CVE-2012-0992
interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the file parameter.
Openemr Openemr 4.1.0
1 EDB exploit
NA
CVE-2011-0504
Multiple cross-site scripting (XSS) vulnerabilities in VaM Shop 1.6, 1.6.1, and probably earlier versions llow remote malicious users to inject arbitrary web script or HTML via the (1) status parameter to admin/orders.php, (2) search parameter to admin/customers.php, or (3) STORE...
Vamshop Vam Shop 1.6.1
Vamshop Vam Shop 1.6
1 EDB exploit
NA
CVE-2010-0817
Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote malicious users to inject arbitrary web script or HTML via the cid0 parameter.
Microsoft Sharepoint Server 2007
Microsoft Sharepoint Services 3.0
1 EDB exploit
NA
CVE-2012-5453
SQL injection vulnerability in user/index_inline_editor_submit.php in ATutor AContent 1.2-1 allows remote authenticated users to execute arbitrary SQL commands via the field parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-5167.
Atutor Acontent 1.2
1 EDB exploit
NA
CVE-2012-1506
SQL injection vulnerability in the updateStatus function in lib/models/benefits/Hsp.php in OrangeHRM prior to 2.7 allows remote authenticated users to execute arbitrary SQL commands via the hspSummaryId parameter to plugins/ajaxCalls/haltResumeHsp.php. NOTE: some of these details...
Orangehrm Orangehrm 2.6.11.2
Orangehrm Orangehrm 2.6.11.3
Orangehrm Orangehrm 2.6.6
Orangehrm Orangehrm 2.6.10
Orangehrm Orangehrm 2.6.11
Orangehrm Orangehrm 2.6.4
Orangehrm Orangehrm 2.6.5
Orangehrm Orangehrm 2.6.0.1
Orangehrm Orangehrm 2.6.1
Orangehrm Orangehrm 2.6.2
Orangehrm Orangehrm 2.6.3
Orangehrm Orangehrm 2.6.9
Orangehrm Orangehrm 2.6.7
Orangehrm Orangehrm 2.6
Orangehrm Orangehrm 2.6.0
Orangehrm Orangehrm 2.6.12
Orangehrm Orangehrm
Orangehrm Orangehrm 2.6.8
Orangehrm Orangehrm 2.6.8.1
1 EDB exploit
NA
CVE-2011-1047
Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka ForumPress) plugin 1.6.1 and 1.6.5 for WordPress allow remote malicious users to execute arbitrary SQL commands via the (1) search_max parameter in a search action to index.php, which is not properly handled by ...
Vasthtml Forum Server 1.6.5
Vasthtml Forum Server 1.6.1
1 EDB exploit
NA
CVE-2014-2317
SQL injection vulnerability in ajax_udf.php in OpenDocMan prior to 1.2.7.2 allows remote malicious users to execute arbitrary SQL commands via the table parameter. NOTE: some of these details are obtained from third party information.
Opendocman Opendocman 1.2.6.2
Opendocman Opendocman 1.2.7
Opendocman Opendocman 1.2.6.3
Opendocman Opendocman 1.2.6.7
Opendocman Opendocman 1.2.6.6
Opendocman Opendocman 1.2.6.5
Opendocman Opendocman
Opendocman Opendocman 1.2.6.8
1 EDB exploit
NA
CVE-2015-3986
Cross-site request forgery (CSRF) vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress prior to 1.3.9.3 allows remote malicious users to hijack the authentication of administrators for requests that condu...
Thecartpress Thecartpress Ecommerce Shopping Cart
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »