Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2012-0988
Multiple cross-site scripting (XSS) vulnerabilities in config/dmsDefaults.php in KnowledgeTree 3.7.0.2 and possibly earlier allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) login.php, (2) admin.php, or (3) preferences.php.
Jam Warehouse Knowledgetree Open Source 3.7.0.2
1 EDB exploit
4.3
CVSSv2
CVE-2012-0989
Cross-site scripting (XSS) vulnerability in OneOrZero AIMS 2.8.0 Trial Edition build231211 and possibly earlier allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to index.php.
Oneorzero Action And Information Management System 2.8.0
1 EDB exploit
3.5
CVSSv2
CVE-2012-0990
Cross-site request forgery (CSRF) vulnerability in admin/settings/update in DClassifieds 0.1 final allows remote malicious users to hijack the authentication of administrators for requests that modify account settings such as the administrator password or email via certain Settin...
Dclassifieds Dclassifieds 0.1
1 EDB exploit
8.5
CVSSv2
CVE-2012-0992
interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the file parameter.
Openemr Openemr 4.1.0
1 EDB exploit
7.5
CVSSv2
CVE-2010-2436
SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1.3 and possibly earlier allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO.
Anecms Anecms Blog
Anecms Anecms Blog 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2010-2437
Cross-site scripting (XSS) vulnerability in class/tools.class.php in AneCMS Blog 1.3 and possibly earlier allows remote malicious users to inject arbitrary web script or HTML via the comment variable to modules/blog/index.php.
Anecms Anecms Blog 1.0
Anecms Anecms Blog
1 EDB exploit
4.3
CVSSv2
CVE-2010-2463
Cross-site scripting (XSS) vulnerability in forum.php in Jamroom prior to 4.1.9 allows remote malicious users to inject arbitrary web script or HTML via the post_id parameter in a modify action.
Jamroom Jamroom 1.0
Jamroom Jamroom 3.4.0
Jamroom Jamroom 2.66
Jamroom Jamroom 2.65
Jamroom Jamroom 2.67
Jamroom Jamroom 3.0
Jamroom Jamroom 3.3.4
Jamroom Jamroom 3.3.3
Jamroom Jamroom 3.0.5
Jamroom Jamroom 3.0.12
Jamroom Jamroom 3.0.11
Jamroom Jamroom 3.0.10
Jamroom Jamroom 3.0.22
Jamroom Jamroom 3.0.23
Jamroom Jamroom 3.0.24
Jamroom Jamroom 3.0.25
Jamroom Jamroom 4.1.5
Jamroom Jamroom 4.1.4
Jamroom Jamroom 4.1.3
Jamroom Jamroom 4.1.2
Jamroom Jamroom 4.0.4
Jamroom Jamroom 4.0.3
1 EDB exploit
7.5
CVSSv2
CVE-2011-0407
SQL injection vulnerability in the store function in _phenotype/system/class/PhenoTypeDataObject.class.php in Phenotype CMS 3.0 allows remote malicious users to execute arbitrary SQL commands via a crafted URI, as demonstrated by Gallery/gal_id/1/image1,1.html. NOTE: some of thes...
Phenotype-cms Phenotype Cms 3.0
1 EDB exploit
4.3
CVSSv2
CVE-2010-4399
Directory traversal vulnerability in languages.inc.php in DynPG CMS 4.1.1 and 4.2.0, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the CHG_DYNPG_SET_LANGUAGE parameter to index.php. NOTE: some of these details are o...
Dynpg Dynpg 4.2.0
Dynpg Dynpg 4.1.1
1 EDB exploit
7.5
CVSSv2
CVE-2010-4400
SQL injection vulnerability in _rights.php in DynPG CMS 4.2.0 allows remote malicious users to execute arbitrary SQL commands via the giveRights_UserId parameter.
Dynpg Dynpg 4.2.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »