Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
inject vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2015-7318
Plone 3.3.0 up to and including 3.3.6 allows remote malicious users to inject headers into HTTP responses.
Plone Plone 3.3.1
Plone Plone 3.3.3
Plone Plone 3.3.4
Plone Plone 3.3.5
Plone Plone 3.3.6
Plone Plone 3.3
Plone Plone 3.3.2
3.3
CVSSv2
CVE-2018-10932
lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an malicious user to inject shell control characters into the buffer and impact the behavior of the terminal.
Intel Lldptool
3.5
CVSSv2
CVE-2013-6465
Multiple cross-site scripting (XSS) vulnerabilities in JBPM KIE Workbench 6.0.x allow remote authenticated users to inject arbitrary web script or HTML via vectors related to task name html inputs.
Redhat Jbpm 6.0.0
4.3
CVSSv2
CVE-2013-4307
Multiple cross-site scripting (XSS) vulnerabilities in repo/includes/EntityView.php in the Wikibase extension for MediaWiki 1.19.x prior to 1.19.8, 1.20.x prior to 1.20.7, and 1.21.x prior to 1.21.2 allow (1) remote malicious users to inject arbitrary web script or HTML via a lab...
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.20.6
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.20
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.21
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.20.2
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.19.6
NA
CVE-2023-41834
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Flink Stateful Functions 3.1.0, 3.1.1 and 3.2.0 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted HTTP requests. Attackers could potentially in...
Apache Flink Stateful Functions
5
CVSSv2
CVE-2015-2704
realmd allows remote malicious users to inject arbitrary configurations in to sssd.conf and smb.conf via a newline character in an LDAP response.
Realmd Project Realmd
4.3
CVSSv2
CVE-2010-1593
Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe prior to 2.3.5 allow remote malicious users to inject arbitrary web script or HTML via (1) the CommenterURL parameter to PostCommentForm, and in the Forum module prior to 0.2.5 in SilverStripe prior to 2.3.5 allo...
Silverstripe Silverstripe 2.3.1
Silverstripe Silverstripe 2.1.0
Silverstripe Silverstripe 2.3.3
Silverstripe Silverstripe 2.3.2
Silverstripe Silverstripe 2.1.1
Silverstripe Silverstripe 2.2.2
Silverstripe Silverstripe 2.3.0
Silverstripe Silverstripe 2.0.0
Silverstripe Silverstripe 2.2.1
Silverstripe Silverstripe 2.2.4
Silverstripe Silverstripe 2.0.1
Silverstripe Silverstripe
Silverstripe Silverstripe 2.0.2
Silverstripe Silverstripe 2.2.0
2.6
CVSSv2
CVE-2021-37860
Mattermost 5.38 and previous versions fails to sufficiently sanitize clipboard contents, which allows a user-assisted malicious user to inject arbitrary web script in product deployments that explicitly disable the default CSP.
Mattermost Mattermost
4.6
CVSSv2
CVE-2020-8539
Kia Motors Head Unit with Software version: SOP.003.30.18.0703, SOP.005.7.181019, and SOP.007.1.191209 may allow an malicious user to inject unauthorized commands, by executing the micomd executable deamon, to trigger unintended functionalities. In addition, this executable may b...
Kia Head Unit Firmware Sop.003.30.18.0703
Kia Head Unit Firmware Sop.005.7.181019
Kia Head Unit Firmware Sop.007.1.191209
4.3
CVSSv2
CVE-2013-5645
Multiple cross-site scripting (XSS) vulnerabilities in Roundcube webmail prior to 0.9.3 allow user-assisted remote malicious users to inject arbitrary web script or HTML via the body of a message visited in (1) new or (2) draft mode, related to compose.inc; and (3) might allow re...
Roundcube Webmail 0.9
Roundcube Webmail 0.7.2
Roundcube Webmail 0.7.1
Roundcube Webmail 0.5
Roundcube Webmail 0.3
Roundcube Webmail 0.2
Roundcube Webmail 0.1.1
Roundcube Webmail 0.1
Roundcube Webmail 0.8.3
Roundcube Webmail 0.8.4
Roundcube Webmail 0.8.5
Roundcube Webmail
Roundcube Webmail 0.8.1
Roundcube Webmail 0.5.4
Roundcube Webmail 0.5.3
Roundcube Webmail 0.4
Roundcube Webmail 0.2.1
Roundcube Webmail 0.8.2
Roundcube Webmail 0.9.0
Roundcube Webmail 0.9.1
Roundcube Webmail 0.7
Roundcube Webmail 0.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »