Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2012-10011
A vulnerability was found in HD FLV PLayer Plugin up to 1.7 on WordPress. It has been rated as critical. Affected by this issue is the function hd_add_media/hd_update_media of the file functions.php. The manipulation of the argument name leads to sql injection. The attack may be ...
Contus Hd Flv Player
9.8
CVSSv3
CVE-2014-4170
A Privilege Escalation Vulnerability exists in Free Reprintables ArticleFR 11.06.2014 due to insufficient access restrictions in the data.php script, which could let a remote malicious user obtain access or modify or delete database information.
Freereprintables Articlefr
1 EDB exploit
9.8
CVSSv3
CVE-2012-5699
BabyGekko prior to 1.2.4 allows PHP file inclusion.
Babygekko Babygekko
1 EDB exploit
9.8
CVSSv3
CVE-2012-3807
Samsung Kies prior to 2.5.0.12094_27_11 has arbitrary file execution.
Samsung Kies
1 EDB exploit
9.8
CVSSv3
CVE-2012-5878
Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 up to and including 0.1.4 allows remote malicious users to execute arbitrary commands via shell metacharacters in the hostingPath parameter to (1) SEAttack.pl or (2) CSAttack.pl in frameworkgui/ or the (3) appURLPath paramete...
Bulbsecurity Smartphone Pentest Framework
1 EDB exploit
9.8
CVSSv3
CVE-2014-8337
Unrestricted file upload vulnerability in includes/classes/uploadify-v2.1.4/uploadify.php in HelpDEZk 1.0.1 and previous versions allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to th...
Helpdezk Helpdezk
9.8
CVSSv3
CVE-2015-8352
Directory traversal vulnerability in Zen Cart 1.5.4 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php.
Zen-cart Zen Cart 1.5.4
1 EDB exploit
9.8
CVSSv3
CVE-2016-2242
Exponent CMS 2.x prior to 2.3.7 Patch 3 allows remote malicious users to execute arbitrary code via the sc parameter to install/index.php.
Exponentcms Exponent Cms 2.0.8
Exponentcms Exponent Cms 2.0.4
Exponentcms Exponent Cms 2.3.0
Exponentcms Exponent Cms 2.1.0
Exponentcms Exponent Cms 2.2.3
Exponentcms Exponent Cms 2.3.3
Exponentcms Exponent Cms 2.0.0
Exponentcms Exponent Cms 2.3.4
Exponentcms Exponent Cms 2.2.0
Exponentcms Exponent Cms 2.1.3
Exponentcms Exponent Cms 2.3.8
Exponentcms Exponent Cms 2.1.4
Exponentcms Exponent Cms 2.3.1
Exponentcms Exponent Cms 2.0.6
Exponentcms Exponent Cms 2.0.5
Exponentcms Exponent Cms 2.2.2
Exponentcms Exponent Cms 2.3.7
Exponentcms Exponent Cms 2.1.1
Exponentcms Exponent Cms 2.0.3
Exponentcms Exponent Cms 2.3.5
Exponentcms Exponent Cms 2.2.1
Exponentcms Exponent Cms 2.3.2
9.8
CVSSv3
CVE-2013-7137
The "remember me" functionality in login.php in Burden prior to 1.8.1 allows remote malicious users to bypass authentication and gain privileges by setting the burden_user_rememberme cookie to 1.
Burden Project Burden
1 EDB exploit
9
CVSSv3
CVE-2015-8351
PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin prior to 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php. NOTE: t...
Gwolle Guestbook Project Gwolle Guestbook
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »