Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
inject vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-11564
The D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 has multiple command injection vulnerabilities in the web service framework. An attacker can forge malicious HTTP requests to execute commands; authentication is required before executing the attack.
Dlink Eyeon Baby Monitor Firmware 1.08.1
2.6
CVSSv2
CVE-2014-3966
Cross-site scripting (XSS) vulnerability in Special:PasswordReset in MediaWiki prior to 1.19.16, 1.21.x prior to 1.21.10, and 1.22.x prior to 1.22.7, when wgRawHtml is enabled, allows remote malicious users to inject arbitrary web script or HTML via an invalid username.
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.19.8
Mediawiki Mediawiki 1.19.9
Mediawiki Mediawiki 1.19.10
8.8
CVSSv3
CVE-2021-30632
Out of bounds write in V8 in Google Chrome before 93.0.4577.82 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 35
2 Github repositories
1 Article
8.8
CVSSv3
CVE-2022-29221
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious {block} name or {include} file name. Sites that cannot fully trus...
Smarty Smarty
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
1 Github repository
4.3
CVSSv2
CVE-2009-1310
Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox prior to 3.0.9 allows user-assisted remote malicious users to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element.
Mozilla Firefox
Mozilla Firefox 0.1
Mozilla Firefox 0.2
Mozilla Firefox 0.3
Mozilla Firefox 0.4
Mozilla Firefox 0.5
Mozilla Firefox 0.6
Mozilla Firefox 0.6.1
Mozilla Firefox 0.7
Mozilla Firefox 0.7.1
Mozilla Firefox 0.8
Mozilla Firefox 0.9
9.6
CVSSv3
CVE-2021-30633
Use after free in Indexed DB API in Google Chrome before 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 35
1 Article
7.2
CVSSv3
CVE-2019-15978
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system (OS). For m...
Cisco Data Center Network Manager
1 Article
7.2
CVSSv3
CVE-2019-15980
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote malicious user to conduct directory traversal attacks on an affected device. To exploit these vulnera...
Cisco Data Center Network Manager
1 Article
7.2
CVSSv3
CVE-2019-15981
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote malicious user to conduct directory traversal attacks on an affected device. To exploit these vulnera...
Cisco Data Center Network Manager
1 Article
7.2
CVSSv3
CVE-2019-15985
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote malicious user to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administra...
Cisco Data Center Network Manager
1 Article
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-21298
jenkins project
CVE-2025-23811
server-side request forgery
jenkins bitbucket server integration plugin
CVE-2025-21210
CVE-2025-23882
bypass
muzaara google ads report
wordpress file search
CVE-2025-24397
mass assignment
CVE-2024-12477
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »