Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2010-0817
Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote malicious users to inject arbitrary web script or HTML via the cid0 parameter.
Microsoft Sharepoint Server 2007
Microsoft Sharepoint Services 3.0
1 EDB exploit
435
VMScore
CVE-2010-4749
Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1.e, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the (1) body parameter to action.php and the (2) amount and (3) action parameters to admin/index.php.
Blogcms Blog\\ Cms
1 EDB exploit
685
VMScore
CVE-2010-4750
Cross-site request forgery (CSRF) vulnerability in admin/libs/ADMIN.php in BLOG:CMS 4.2.1.e, and possibly earlier, allows remote malicious users to hijack the authentication of administrators.
Blogcms Blog\\ Cms
1 EDB exploit
755
VMScore
CVE-2010-4780
SQL injection vulnerability in the check_banlist function in includes/sessions.php in Enano CMS 1.1.7pl1; 1.0.6pl2; and possibly other versions prior to 1.1.8, 1.0.6pl3, and 1.1.7pl2 allows remote malicious users to execute arbitrary SQL commands via the email parameter to index....
Enanocms Enano Cms 1.1.4
Enanocms Enano Cms 1.1.3
Enanocms Enano Cms 0.8.2
Enanocms Enano Cms 0.8.3
Enanocms Enano Cms 1.0.2b1
Enanocms Enano Cms 1.0.3
Enanocms Enano Cms
Enanocms Enano Cms 1.1.6
Enanocms Enano Cms 1.1.5
Enanocms Enano Cms 1.0.6
Enanocms Enano Cms 0.8.1
Enanocms Enano Cms 1.0
Enanocms Enano Cms 1.0.1
Enanocms Enano Cms 1.0.2
Enanocms Enano Cms 1.1.2
Enanocms Enano Cms 1.1.1
Enanocms Enano Cms 0.8.4
Enanocms Enano Cms 0.9.1
Enanocms Enano Cms 1.0.4
Enanocms Enano Cms 1.0.5
Enanocms Enano Cms 1.1.7
Enanocms Enano Cms 0.9.2
1 EDB exploit
215
VMScore
CVE-2010-1997
Cross-site scripting (XSS) vulnerability in admin/edit.php in Saurus CMS 4.7.0 allows remote authenticated users, with "Article list" edit privileges, to inject arbitrary web script or HTML via the pealkiri parameter.
Saurus Saurus Cms 4.7.0
1 EDB exploit
215
VMScore
CVE-2010-2038
Cross-site scripting (XSS) vulnerability in include/tool/editing_files.php in gpEasy CMS 1.6.2 allows remote authenticated users, with Edit privileges, to inject arbitrary web script or HTML via the gpcontent parameter to index.php. NOTE: some of these details are obtained from t...
Gpeasy Gpeasy Cms 1.6.2
1 EDB exploit
435
VMScore
CVE-2010-3026
Cross-site request forgery (CSRF) vulnerability in application/modules/admin/controllers/users.php in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote malicious users to hijack the authentication of administrators for requests to admin/users/edit that grant admin...
Tomaz-muraus Open Blog 1.2.1
1 EDB exploit
755
VMScore
CVE-2011-4162
The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, (5) RemoveUserEx, and (6) RemoveUserRegardless methods in HP Protect Tools Device Access Manager (PTDAM) prior to 6.1.0.1 allow remote malicious users to execute arbitrary code or cause a denial of service (he...
Hp Protecttools Device Access Manager 6.0.0.9
Hp Protecttools Device Access Manager
Hp Protecttools Device Access Manager 6.0.0.10
1 EDB exploit
655
VMScore
CVE-2012-1506
SQL injection vulnerability in the updateStatus function in lib/models/benefits/Hsp.php in OrangeHRM prior to 2.7 allows remote authenticated users to execute arbitrary SQL commands via the hspSummaryId parameter to plugins/ajaxCalls/haltResumeHsp.php. NOTE: some of these details...
Orangehrm Orangehrm 2.6.11.2
Orangehrm Orangehrm 2.6.11.3
Orangehrm Orangehrm 2.6.6
Orangehrm Orangehrm 2.6.10
Orangehrm Orangehrm 2.6.11
Orangehrm Orangehrm 2.6.4
Orangehrm Orangehrm 2.6.5
Orangehrm Orangehrm 2.6.0.1
Orangehrm Orangehrm 2.6.1
Orangehrm Orangehrm 2.6.2
Orangehrm Orangehrm 2.6.3
Orangehrm Orangehrm 2.6.9
Orangehrm Orangehrm 2.6.7
Orangehrm Orangehrm 2.6
Orangehrm Orangehrm 2.6.0
Orangehrm Orangehrm 2.6.12
Orangehrm Orangehrm
Orangehrm Orangehrm 2.6.8
Orangehrm Orangehrm 2.6.8.1
1 EDB exploit
755
VMScore
CVE-2010-4400
SQL injection vulnerability in _rights.php in DynPG CMS 4.2.0 allows remote malicious users to execute arbitrary SQL commands via the giveRights_UserId parameter.
Dynpg Dynpg 4.2.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »