Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hyp3rlinx vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-6944
Cross-site request forgery (CSRF) vulnerability in JSP/MySQL Administrador Web 1 allows remote malicious users to hijack the authentication of users for requests that execute arbitrary SQL commands via the cmd parameter to sys/sys/listaBD2.jsp.
Jsp\\/mysql Administrador Web Project Jsp\\/mysql Administrador Web 1.0
1 EDB exploit
NA
CVE-2015-6945
Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador Web 1 allows remote malicious users to inject arbitrary web script or HTML via the bd parameter to sys/sys/listaBD2.jsp.
Jsp\\/mysql Administrador Web Project Jsp\\/mysql Administrador Web 1.0
1 EDB exploit
NA
CVE-2015-6972
Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) groupchatName parameter to plugins/clientcontrol/create-bookmark.jsp; the (2) urlName parameter to plugins/client...
Igniterealtime Openfire 3.10.2
1 EDB exploit
8.6
CVSSv3
CVE-2017-15644
SSRF exists in Webmin 1.850 via the PATH_INFO to tunnel/link.cgi, as demonstrated by a GET request for tunnel/link.cgi/http://INTRANET-IP:8000.
Webmin Webmin
1 EDB exploit
8.8
CVSSv3
CVE-2017-15645
CSRF exists in Webmin 1.850. By sending a GET request to at/create_job.cgi containing dir=/&cmd= in the URI, an malicious user to execute arbitrary commands.
Webmin Webmin
1 EDB exploit
6.1
CVSSv3
CVE-2017-15646
Webmin prior to 1.860 has XSS with resultant remote code execution. Under the 'Others/File Manager' menu, there is a 'Download from remote URL' option to download a file from a remote server. After setting up a malicious server, one can wait for a file downloa...
Webmin Webmin
1 EDB exploit
NA
CVE-2015-5066
Multiple cross-site scripting (XSS) vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) content or (2) title field in an add action in the posts page to index.php or the (3) q parameter in the posts page...
Metalgenix Genixcms 0.0.3
1 EDB exploit
NA
CVE-2015-6517
Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1.1 allows remote malicious users to hijack the authentication of users for requests that drop database tables via the droptable parameter to phpliteadmin.php.
Phpliteadmin Project Phpliteadmin 1.1
1 EDB exploit
NA
CVE-2015-6518
Multiple cross-site scripting (XSS) vulnerabilities in phpLiteAdmin 1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) PATH_INFO, (2) droptable parameter, or (3) table parameter to phpliteadmin.php.
Phpliteadmin Phpliteadmin 1.1
1 EDB exploit
NA
CVE-2015-5354
Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to admin/nos/login.
Novius-os Novius Os 5.0.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »