Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injection vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2022-0661
The Ad Injection WordPress plugin up to and including 1.2.0.19 does not properly sanitize the body of the adverts injected into the pages, allowing a high privileged user (Admin+) to inject arbitrary HTML or javascript even with unfiltered_html disallowed, leading to a stored cro...
Ad Injection Project Ad Injection
NA
CVE-2010-0146
Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors.
Cisco Security Agent 6.0
NA
CVE-2010-0148
Unspecified vulnerability in Cisco Security Agent 5.2 prior to 5.2.0.285, when running on Linux, allows remote malicious users to cause a denial of service (kernel panic) via "a series of TCP packets."
Cisco Security Agent 5.2
NA
CVE-2010-0147
SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 prior to 5.1.0.117, 5.2 prior to 5.2.0.296, and 6.0 prior to 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Cisco Security Agent 6.0
Cisco Security Agent 5.1
Cisco Security Agent 5.2
NA
CVE-2012-0337
SQL injection vulnerability in the web component in Cisco Unified MeetingPlace 7.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtx08939.
Cisco Unified Meetingplace 7.1
NA
CVE-2012-5416
Buffer overflow in Cisco Unified MeetingPlace Web Conferencing prior to 7.1MR1 Patch 1, 8.0 prior to 8.0MR1 Patch 1, and 8.5 prior to 8.5MR3 allows remote malicious users to cause a denial of service (daemon hang) via unspecified parameters in a POST request, aka Bug ID CSCua6634...
Cisco Unified Meetingplace 7.1
Cisco Unified Meetingplace
Cisco Unified Meetingplace 8.0
Cisco Unified Meetingplace 8.5
Cisco Unified Meetingplace 7.0.2
Cisco Unified Meetingplace 7.0.3
Cisco Unified Meetingplace 8.5.3
Cisco Unified Meetingplace 8.5.4
Cisco Unified Meetingplace 7.0.1
Cisco Unified Meetingplace 8.5.1
Cisco Unified Meetingplace 8.5.2
Cisco Unified Meetingplace 7.0
NA
CVE-2012-3075
The administrative web interface on Cisco TelePresence Immersive Endpoint Devices prior to 1.7.4 allows remote authenticated users to execute arbitrary commands via a malformed request on TCP port 443, aka Bug ID CSCtn99724.
Cisco Telepresence System Software 1.7.0.1\\(4764\\)
Cisco Telepresence System Software 1.6.7\\(4212\\)
Cisco Telepresence System Software 1.5.3\\(2115\\)
Cisco Telepresence System Software 1.5.12\\(3701\\)
Cisco Telepresence System Software
Cisco Telepresence System Software 1.7.2.1\\(2\\)
Cisco Telepresence System Software 1.7.1\\(4864\\)
Cisco Telepresence System Software 1.7.0.2\\(4719\\)
Cisco Telepresence System Software 1.5.10\\(3648\\)
Cisco Telepresence System Software 1.5.1\\(2082\\)
Cisco Telepresence System Software 1.4.7\\(2229\\)
Cisco Telepresence System Software 1.3.2\\(1393\\)
Cisco Telepresence System Software 1.6.8\\(4222\\)
Cisco Telepresence System Software 1.6.6\\(4109\\)
Cisco Telepresence System Software 1.6.0\\(3954\\)
Cisco Telepresence System Software 1.5.13\\(3717\\)
Cisco Telepresence System Software 1.5.11\\(3659\\)
Cisco Telepresence System Software 1.2.3\\(1101\\)
Cisco Telepresence System Software 1.6.5\\(4097\\)
Cisco Telepresence System Software 1.6.4\\(4072\\)
Cisco Telepresence System Software 1.6.3\\(4042\\)
Cisco Telepresence System Software 1.6.2\\(4023\\)
NA
CVE-2012-3074
An unspecified API on Cisco TelePresence Immersive Endpoint Devices prior to 1.9.1 allows remote malicious users to execute arbitrary commands by leveraging certain adjacency and sending a malformed request on TCP port 61460, aka Bug ID CSCtz38382.
Cisco Telepresence System Software 1.9.0\\(46\\)
Cisco Telepresence System Software 1.7.5\\(42\\)
Cisco Telepresence System Software 1.7.2.1\\(2\\)
Cisco Telepresence System Software 1.7.1\\(4864\\)
Cisco Telepresence System Software 1.6.6\\(4109\\)
Cisco Telepresence System Software 1.6.4\\(4072\\)
Cisco Telepresence System Software 1.5.11\\(3659\\)
Cisco Telepresence System Software 1.5.1\\(2082\\)
Cisco Telepresence System Software 1.8.2\\(11\\)
Cisco Telepresence System Software 1.8.1\\(34\\)
Cisco Telepresence System Software 1.8.0\\(55\\)
Cisco Telepresence System Software 1.7.6\\(4\\)
Cisco Telepresence System Software 1.6.2\\(4023\\)
Cisco Telepresence System Software 1.6.0\\(3954\\)
Cisco Telepresence System Software 1.5.3\\(2115\\)
Cisco Telepresence System Software 1.5.13\\(3717\\)
Cisco Telepresence System Software 1.7.0.2\\(4719\\)
Cisco Telepresence System Software 1.7.0.1\\(4764\\)
Cisco Telepresence System Software 1.6.8\\(4222\\)
Cisco Telepresence System Software 1.6.7\\(4212\\)
Cisco Telepresence System Software 1.4.7\\(2229\\)
Cisco Telepresence System Software 1.3.2\\(1393\\)
NA
CVE-2014-3828
Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allow remote malicious users to execute arbitrary SQL commands via (1) the index_id parameter to views/graphs/common/makeXML_ListMetrics.php, (2) the sid para...
Merethis Centreon 2.5.1
Merethis Centreon Enterprise Server 2.2
2 EDB exploits
NA
CVE-2014-3829
displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) session_id or (2) template_id parameter, related to the command_line variabl...
Merethis Centreon 2.5.1
Merethis Centreon Enterprise Server 2.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »