Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injection vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2022-0661
The Ad Injection WordPress plugin up to and including 1.2.0.19 does not properly sanitize the body of the adverts injected into the pages, allowing a high privileged user (Admin+) to inject arbitrary HTML or javascript even with unfiltered_html disallowed, leading to a stored cro...
Ad Injection Project Ad Injection
NA
CVE-2010-0146
Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors.
Cisco Security Agent 6.0
NA
CVE-2010-0148
Unspecified vulnerability in Cisco Security Agent 5.2 prior to 5.2.0.285, when running on Linux, allows remote malicious users to cause a denial of service (kernel panic) via "a series of TCP packets."
Cisco Security Agent 5.2
NA
CVE-2010-0147
SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 prior to 5.1.0.117, 5.2 prior to 5.2.0.296, and 6.0 prior to 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Cisco Security Agent 6.0
Cisco Security Agent 5.1
Cisco Security Agent 5.2
NA
CVE-2012-0337
SQL injection vulnerability in the web component in Cisco Unified MeetingPlace 7.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtx08939.
Cisco Unified Meetingplace 7.1
NA
CVE-2012-5416
Buffer overflow in Cisco Unified MeetingPlace Web Conferencing prior to 7.1MR1 Patch 1, 8.0 prior to 8.0MR1 Patch 1, and 8.5 prior to 8.5MR3 allows remote malicious users to cause a denial of service (daemon hang) via unspecified parameters in a POST request, aka Bug ID CSCua6634...
Cisco Unified Meetingplace 7.1
Cisco Unified Meetingplace
Cisco Unified Meetingplace 8.0
Cisco Unified Meetingplace 8.5
Cisco Unified Meetingplace 7.0.2
Cisco Unified Meetingplace 7.0.3
Cisco Unified Meetingplace 8.5.3
Cisco Unified Meetingplace 8.5.4
Cisco Unified Meetingplace 7.0.1
Cisco Unified Meetingplace 8.5.1
Cisco Unified Meetingplace 8.5.2
Cisco Unified Meetingplace 7.0
NA
CVE-2012-3075
The administrative web interface on Cisco TelePresence Immersive Endpoint Devices prior to 1.7.4 allows remote authenticated users to execute arbitrary commands via a malformed request on TCP port 443, aka Bug ID CSCtn99724.
Cisco Telepresence System Software 1.7.0.1\\(4764\\)
Cisco Telepresence System Software 1.6.7\\(4212\\)
Cisco Telepresence System Software 1.5.3\\(2115\\)
Cisco Telepresence System Software 1.5.12\\(3701\\)
Cisco Telepresence System Software
Cisco Telepresence System Software 1.7.2.1\\(2\\)
Cisco Telepresence System Software 1.7.1\\(4864\\)
Cisco Telepresence System Software 1.7.0.2\\(4719\\)
Cisco Telepresence System Software 1.5.10\\(3648\\)
Cisco Telepresence System Software 1.5.1\\(2082\\)
Cisco Telepresence System Software 1.4.7\\(2229\\)
Cisco Telepresence System Software 1.3.2\\(1393\\)
Cisco Telepresence System Software 1.6.8\\(4222\\)
Cisco Telepresence System Software 1.6.6\\(4109\\)
Cisco Telepresence System Software 1.6.0\\(3954\\)
Cisco Telepresence System Software 1.5.13\\(3717\\)
Cisco Telepresence System Software 1.5.11\\(3659\\)
Cisco Telepresence System Software 1.2.3\\(1101\\)
Cisco Telepresence System Software 1.6.5\\(4097\\)
Cisco Telepresence System Software 1.6.4\\(4072\\)
Cisco Telepresence System Software 1.6.3\\(4042\\)
Cisco Telepresence System Software 1.6.2\\(4023\\)
NA
CVE-2012-3074
An unspecified API on Cisco TelePresence Immersive Endpoint Devices prior to 1.9.1 allows remote malicious users to execute arbitrary commands by leveraging certain adjacency and sending a malformed request on TCP port 61460, aka Bug ID CSCtz38382.
Cisco Telepresence System Software 1.9.0\\(46\\)
Cisco Telepresence System Software 1.7.5\\(42\\)
Cisco Telepresence System Software 1.7.2.1\\(2\\)
Cisco Telepresence System Software 1.7.1\\(4864\\)
Cisco Telepresence System Software 1.6.6\\(4109\\)
Cisco Telepresence System Software 1.6.4\\(4072\\)
Cisco Telepresence System Software 1.5.11\\(3659\\)
Cisco Telepresence System Software 1.5.1\\(2082\\)
Cisco Telepresence System Software 1.8.2\\(11\\)
Cisco Telepresence System Software 1.8.1\\(34\\)
Cisco Telepresence System Software 1.8.0\\(55\\)
Cisco Telepresence System Software 1.7.6\\(4\\)
Cisco Telepresence System Software 1.6.2\\(4023\\)
Cisco Telepresence System Software 1.6.0\\(3954\\)
Cisco Telepresence System Software 1.5.3\\(2115\\)
Cisco Telepresence System Software 1.5.13\\(3717\\)
Cisco Telepresence System Software 1.7.0.2\\(4719\\)
Cisco Telepresence System Software 1.7.0.1\\(4764\\)
Cisco Telepresence System Software 1.6.8\\(4222\\)
Cisco Telepresence System Software 1.6.7\\(4212\\)
Cisco Telepresence System Software 1.4.7\\(2229\\)
Cisco Telepresence System Software 1.3.2\\(1393\\)
NA
CVE-2014-3828
Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allow remote malicious users to execute arbitrary SQL commands via (1) the index_id parameter to views/graphs/common/makeXML_ListMetrics.php, (2) the sid para...
Merethis Centreon 2.5.1
Merethis Centreon Enterprise Server 2.2
2 EDB exploits
NA
CVE-2008-5891
Cross-site scripting (XSS) vulnerability in the profile editing functionality in Injader prior to 2.1.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.
Injader Injader 2.0.2
Injader Injader
Injader Injader 2.1.0
Injader Injader 2.0.3
Injader Injader 1.6.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »