Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-4185
SQL injection vulnerability in index.php in Energine, possibly 2.3.8 and previous versions, allows remote malicious users to execute arbitrary SQL commands via the NRGNSID cookie.
Energine Energine 2.1
Energine Energine
Energine Energine 2.2
1 EDB exploit
2.6
CVSSv2
CVE-2010-4607
Multiple cross-site scripting (XSS) vulnerabilities in Habari 0.6.5, when register_globals is enabled, allow remote malicious users to inject arbitrary web script or HTML via the (1) additem_form parameter to system/admin/dash_additem.php and the (2) status_data[] parameter to sy...
Habariproject Habari 0.6.5
1 EDB exploit
6.8
CVSSv2
CVE-2010-4750
Cross-site request forgery (CSRF) vulnerability in admin/libs/ADMIN.php in BLOG:CMS 4.2.1.e, and possibly earlier, allows remote malicious users to hijack the authentication of administrators.
Blogcms Blog\\ Cms
1 EDB exploit
7.5
CVSSv2
CVE-2010-4851
Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote malicious users to execute arbitrary SQL commands via the (1) ref or (2) poll_id parameter to index.php, or the (3) country parameter to create_account.php.
Eclime Eclime 1.1.2b
1 EDB exploit
4.3
CVSSv2
CVE-2010-4882
Cross-site scripting (XSS) vulnerability in autocms.php in Auto CMS 1.6 allows remote malicious users to inject arbitrary web script or HTML via the sitetitle parameter.
Ventics Auto Cms 1.6
1 EDB exploit
7.5
CVSSv2
CVE-2012-0973
Multiple SQL injection vulnerabilities in OSClass prior to 2.3.5 allow remote malicious users to execute arbitrary SQL commands via the sCategory parameter to index.php, which is not properly handled by the (1) osc_search_category_id function in oc-includes/osclass/helpers/hSearc...
Osclass Osclass
1 EDB exploit
4.3
CVSSv2
CVE-2012-0974
Multiple cross-site scripting (XSS) vulnerabilities in the getParam function in oc-includes/osclass/core/Params.php in OSClass prior to 2.3.5 allow remote malicious users to inject arbitrary web script or HTML via the (1) sCity, (2) sPattern, (3) sPriceMax, and (4) sPriceMin para...
Juan Ramon Osclass 2.0.1
Juan Ramon Osclass 2.0
Juan Ramon Osclass 1.2
Juan Ramon Osclass 2.3
Juan Ramon Osclass 2.2.3
Juan Ramon Osclass 2.2.2
Juan Ramon Osclass 2.2.1
Juan Ramon Osclass 2.2
Juan Ramon Osclass 2.3.3
Juan Ramon Osclass 2.3.1
Juan Ramon Osclass 2.1
Juan Ramon Osclass 2.0.2
Juan Ramon Osclass 1.1
Juan Ramon Osclass
Juan Ramon Osclass 2.3.2
Juan Ramon Osclass 2.1.1
Juan Ramon Osclass 2.0.3
1 EDB exploit
6.5
CVSSv2
CVE-2012-1506
SQL injection vulnerability in the updateStatus function in lib/models/benefits/Hsp.php in OrangeHRM prior to 2.7 allows remote authenticated users to execute arbitrary SQL commands via the hspSummaryId parameter to plugins/ajaxCalls/haltResumeHsp.php. NOTE: some of these details...
Orangehrm Orangehrm 2.6.11.2
Orangehrm Orangehrm 2.6.11.3
Orangehrm Orangehrm 2.6.6
Orangehrm Orangehrm 2.6.10
Orangehrm Orangehrm 2.6.11
Orangehrm Orangehrm 2.6.4
Orangehrm Orangehrm 2.6.5
Orangehrm Orangehrm 2.6.0.1
Orangehrm Orangehrm 2.6.1
Orangehrm Orangehrm 2.6.2
Orangehrm Orangehrm 2.6.3
Orangehrm Orangehrm 2.6.9
Orangehrm Orangehrm 2.6.7
Orangehrm Orangehrm 2.6
Orangehrm Orangehrm 2.6.0
Orangehrm Orangehrm 2.6.12
Orangehrm Orangehrm
Orangehrm Orangehrm 2.6.8
Orangehrm Orangehrm 2.6.8.1
1 EDB exploit
7.5
CVSSv2
CVE-2011-0407
SQL injection vulnerability in the store function in _phenotype/system/class/PhenoTypeDataObject.class.php in Phenotype CMS 3.0 allows remote malicious users to execute arbitrary SQL commands via a crafted URI, as demonstrated by Gallery/gal_id/1/image1,1.html. NOTE: some of thes...
Phenotype-cms Phenotype Cms 3.0
1 EDB exploit
4.3
CVSSv2
CVE-2011-5073
Multiple cross-site scripting (XSS) vulnerabilities in Support Incident Tracker (aka SiT!) prior to 3.65 allow remote malicious users to inject arbitrary web script or HTML via the (1) mode parameter to contact_support.php; (2) contractid parameter to contract_add_service.php; (3...
Sitracker Support Incident Tracker 3.36
Sitracker Support Incident Tracker 3.35
Sitracker Support Incident Tracker 3.33
Sitracker Support Incident Tracker 3.32
Sitracker Support Incident Tracker 3.45
Sitracker Support Incident Tracker 3.40
Sitracker Support Incident Tracker
Sitracker Support Incident Tracker 3.62
Sitracker Support Incident Tracker 3.61
Sitracker Support Incident Tracker 3.60
Sitracker Support Incident Tracker 3.6
Sitracker Support Incident Tracker 3.24
Sitracker Support Incident Tracker 3.23
Sitracker Support Incident Tracker 3.22pl1
Sitracker Support Incident Tracker 3.22
Sitracker Support Incident Tracker 3.51
Sitracker Support Incident Tracker 3.31
Sitracker Support Incident Tracker 3.30
Sitracker Support Incident Tracker 3.63
Sitracker Support Incident Tracker 3.50
Sitracker Support Incident Tracker 3.41
Sitracker Support Incident Tracker 3.21
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »