Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2011-3979
Cross-site scripting (XSS) vulnerability in ztemp/view_compiled/Theme/theme_admin_setasdefault.php in the theme module in Zikula Application Framework 1.3.0 build 3168, 1.2.7, and probably other versions allows remote malicious users to inject arbitrary web script or HTML via the...
Zikula Zikula Application Framework 1.2.7
Zikula Zikula Application Framework 1.3.0
1 EDB exploit
435
VMScore
CVE-2011-4336
Tiki Wiki CMS Groupware 7.0 has XSS via the GET "ajax" parameter to snarf_ajax.php.
Tiki Tikiwiki Cms\\/groupware
1 EDB exploit
755
VMScore
CVE-2010-4152
SQL injection vulnerability in catalog/index.shtml in 4site CMS 2.6, and possibly earlier, allows remote malicious users to execute arbitrary SQL commands via the cat parameter. NOTE: the i and th vectors are already covered by CVE-2009-0646.
4site 4site Cms
4site 4site Cms 2.2
4site 4site Cms 2.0
1 EDB exploit
755
VMScore
CVE-2011-4833
Multiple SQL injection vulnerabilities in the Leads module in SugarCRM 6.1 prior to 6.1.7, 6.2 prior to 6.2.4, 6.3 prior to 6.3.0RC3, and 6.4 prior to 6.4.0beta1 allow remote malicious users to execute arbitrary SQL commands via the (1) where and (2) order parameters in a get_ful...
Sugarcrm Sugarcrm 6.2.1
Sugarcrm Sugarcrm 6.2.2
Sugarcrm Sugarcrm 6.1.3
Sugarcrm Sugarcrm 6.1.4
Sugarcrm Sugarcrm 6.3.0
Sugarcrm Sugarcrm 6.1.0
Sugarcrm Sugarcrm 6.4
Sugarcrm Sugarcrm 6.2.3
Sugarcrm Sugarcrm 6.1.5
Sugarcrm Sugarcrm 6.1.6
Sugarcrm Sugarcrm 6.2.0
Sugarcrm Sugarcrm 6.1.1
Sugarcrm Sugarcrm 6.1.2
1 EDB exploit
755
VMScore
CVE-2011-5072
Multiple SQL injection vulnerabilities in Support Incident Tracker (aka SiT!) prior to 3.65 allow remote malicious users to execute arbitrary SQL commands via the (1) start parameter to portal/kb.php; (2) contractid parameter to contract_add_service.php; (3) id parameter to edit_...
Sitracker Support Incident Tracker 3.50
Sitracker Support Incident Tracker 3.45
Sitracker Support Incident Tracker 3.41
Sitracker Support Incident Tracker 3.40
Sitracker Support Incident Tracker 3.63
Sitracker Support Incident Tracker 3.62
Sitracker Support Incident Tracker 3.30
Sitracker Support Incident Tracker 3.24
Sitracker Support Incident Tracker 3.60
Sitracker Support Incident Tracker 3.51
Sitracker Support Incident Tracker 3.36
Sitracker Support Incident Tracker 3.33
Sitracker Support Incident Tracker 3.31
Sitracker Support Incident Tracker 3.23
Sitracker Support Incident Tracker 3.22
Sitracker Support Incident Tracker 3.35
Sitracker Support Incident Tracker 3.61
Sitracker Support Incident Tracker 3.6
Sitracker Support Incident Tracker 3.32
Sitracker Support Incident Tracker 3.22pl1
Sitracker Support Incident Tracker 3.21
Sitracker Support Incident Tracker
1 EDB exploit
435
VMScore
CVE-2011-5073
Multiple cross-site scripting (XSS) vulnerabilities in Support Incident Tracker (aka SiT!) prior to 3.65 allow remote malicious users to inject arbitrary web script or HTML via the (1) mode parameter to contact_support.php; (2) contractid parameter to contract_add_service.php; (3...
Sitracker Support Incident Tracker 3.36
Sitracker Support Incident Tracker 3.35
Sitracker Support Incident Tracker 3.33
Sitracker Support Incident Tracker 3.32
Sitracker Support Incident Tracker 3.45
Sitracker Support Incident Tracker 3.40
Sitracker Support Incident Tracker
Sitracker Support Incident Tracker 3.62
Sitracker Support Incident Tracker 3.61
Sitracker Support Incident Tracker 3.60
Sitracker Support Incident Tracker 3.6
Sitracker Support Incident Tracker 3.24
Sitracker Support Incident Tracker 3.23
Sitracker Support Incident Tracker 3.22pl1
Sitracker Support Incident Tracker 3.22
Sitracker Support Incident Tracker 3.51
Sitracker Support Incident Tracker 3.31
Sitracker Support Incident Tracker 3.30
Sitracker Support Incident Tracker 3.63
Sitracker Support Incident Tracker 3.50
Sitracker Support Incident Tracker 3.41
Sitracker Support Incident Tracker 3.21
1 EDB exploit
685
VMScore
CVE-2011-5259
SQL injection vulnerability in lib/controllers/CentralController.php in OrangeHRM prior to 2.6.11.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Orangehrm Orangehrm 2.6.5
Orangehrm Orangehrm 2.6.4
Orangehrm Orangehrm 2.6.10
Orangehrm Orangehrm 2.6.3
Orangehrm Orangehrm 2.6.2
Orangehrm Orangehrm 2.6.8
Orangehrm Orangehrm 2.6.7
Orangehrm Orangehrm 2.6.6
Orangehrm Orangehrm 2.6.0.1
Orangehrm Orangehrm
Orangehrm Orangehrm 2.6.9
Orangehrm Orangehrm 2.6.8.1
Orangehrm Orangehrm 2.6.1
Orangehrm Orangehrm 2.6.0
1 EDB exploit
685
VMScore
CVE-2010-5315
Multiple cross-site request forgery (CSRF) vulnerabilities in BEdita prior to 3.1 allow remote malicious users to hijack the authentication of administrators for requests that (1) create categories via a data array to news/saveCategories or (2) modify credentials via a data array...
Chialab \\& Channelweb Bedita
1 EDB exploit
435
VMScore
CVE-2010-5318
The password-reset feature in as/index.php in SweetRice CMS prior to 0.6.7.1 allows remote malicious users to modify the administrator's password by specifying the administrator's e-mail address in the email parameter.
Basic-cms Sweetrice 0.6.7.1
1 EDB exploit
435
VMScore
CVE-2010-2437
Cross-site scripting (XSS) vulnerability in class/tools.class.php in AneCMS Blog 1.3 and possibly earlier allows remote malicious users to inject arbitrary web script or HTML via the comment variable to modules/blog/index.php.
Anecms Anecms Blog 1.0
Anecms Anecms Blog
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »