Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2011-4162
The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, (5) RemoveUserEx, and (6) RemoveUserRegardless methods in HP Protect Tools Device Access Manager (PTDAM) prior to 6.1.0.1 allow remote malicious users to execute arbitrary code or cause a denial of service (he...
Hp Protecttools Device Access Manager 6.0.0.9
Hp Protecttools Device Access Manager
Hp Protecttools Device Access Manager 6.0.0.10
1 EDB exploit
7.5
CVSSv2
CVE-2011-4833
Multiple SQL injection vulnerabilities in the Leads module in SugarCRM 6.1 prior to 6.1.7, 6.2 prior to 6.2.4, 6.3 prior to 6.3.0RC3, and 6.4 prior to 6.4.0beta1 allow remote malicious users to execute arbitrary SQL commands via the (1) where and (2) order parameters in a get_ful...
Sugarcrm Sugarcrm 6.2.1
Sugarcrm Sugarcrm 6.2.2
Sugarcrm Sugarcrm 6.1.3
Sugarcrm Sugarcrm 6.1.4
Sugarcrm Sugarcrm 6.3.0
Sugarcrm Sugarcrm 6.1.0
Sugarcrm Sugarcrm 6.4
Sugarcrm Sugarcrm 6.2.3
Sugarcrm Sugarcrm 6.1.5
Sugarcrm Sugarcrm 6.1.6
Sugarcrm Sugarcrm 6.2.0
Sugarcrm Sugarcrm 6.1.1
Sugarcrm Sugarcrm 6.1.2
1 EDB exploit
4.3
CVSSv2
CVE-2010-4399
Directory traversal vulnerability in languages.inc.php in DynPG CMS 4.1.1 and 4.2.0, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the CHG_DYNPG_SET_LANGUAGE parameter to index.php. NOTE: some of these details are o...
Dynpg Dynpg 4.2.0
Dynpg Dynpg 4.1.1
1 EDB exploit
5
CVSSv2
CVE-2010-4401
languages.inc.php in DynPG CMS 4.2.0 allows remote malicious users to obtain sensitive information via a direct request, which reveals the installation path in an error message.
Dynpg Dynpg 4.2.0
1 EDB exploit
5
CVSSv2
CVE-2010-4608
Habari 0.6.5 allows remote malicious users to obtain sensitive information via a direct request to (1) header.php and (2) comments_items.php in system/admin/, which reveals the installation path in an error message.
Habariproject Habari 0.6.5
1 EDB exploit
4.3
CVSSv2
CVE-2010-4610
Cross-site scripting (XSS) vulnerability in index.php in Html-edit CMS 3.1.8 allows remote malicious users to inject arbitrary web script or HTML via the error parameter.
Html-edit Html-edit Cms 3.1.8
1 EDB exploit
5
CVSSv2
CVE-2010-4611
Html-edit CMS 3.1.8 allows remote malicious users to obtain sensitive information via a direct request to (1) pages.php and (2) menu.php in includes/core_files and (3) extensions/login/frontend/pages/antihacker.php, which reveals the installation path in an error message.
Html-edit Html-edit Cms 3.1.8
1 EDB exploit
6.8
CVSSv2
CVE-2010-4612
Multiple SQL injection vulnerabilities in index.php in Hycus CMS 1.0.3, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) user_name and (2) usr_email parameters to user/1/hregister.html, (3) usr_email parameter to user/1...
Hycus Hycus Cms 1.0.3
1 EDB exploit
7.5
CVSSv2
CVE-2010-4613
Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the site parameter to (1) index.php and (2) admin.php.
Hycus Hycus Cms 1.0.3
1 EDB exploit
7.1
CVSSv2
CVE-2014-2996
XCloner Standalone 3.5 and previous versions, when enable_db_backup and sql_mem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackup_comp parameter in a generate action to index2.php. NOTE: it is not clear ...
Xcloner Xcloner
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »