Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injection vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2022-0661
The Ad Injection WordPress plugin up to and including 1.2.0.19 does not properly sanitize the body of the adverts injected into the pages, allowing a high privileged user (Admin+) to inject arbitrary HTML or javascript even with unfiltered_html disallowed, leading to a stored cro...
Ad Injection Project Ad Injection
605
VMScore
CVE-2010-0146
Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors.
Cisco Security Agent 6.0
694
VMScore
CVE-2010-0148
Unspecified vulnerability in Cisco Security Agent 5.2 prior to 5.2.0.285, when running on Linux, allows remote malicious users to cause a denial of service (kernel panic) via "a series of TCP packets."
Cisco Security Agent 5.2
578
VMScore
CVE-2010-0147
SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 prior to 5.1.0.117, 5.2 prior to 5.2.0.296, and 6.0 prior to 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Cisco Security Agent 5.1
Cisco Security Agent 5.2
Cisco Security Agent 6.0
578
VMScore
CVE-2012-0337
SQL injection vulnerability in the web component in Cisco Unified MeetingPlace 7.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtx08939.
Cisco Unified Meetingplace 7.1
694
VMScore
CVE-2012-5416
Buffer overflow in Cisco Unified MeetingPlace Web Conferencing prior to 7.1MR1 Patch 1, 8.0 prior to 8.0MR1 Patch 1, and 8.5 prior to 8.5MR3 allows remote malicious users to cause a denial of service (daemon hang) via unspecified parameters in a POST request, aka Bug ID CSCua6634...
Cisco Unified Meetingplace
Cisco Unified Meetingplace 7.0
Cisco Unified Meetingplace 7.0.1
Cisco Unified Meetingplace 7.0.2
Cisco Unified Meetingplace 7.0.3
Cisco Unified Meetingplace 7.1
Cisco Unified Meetingplace 8.0
Cisco Unified Meetingplace 8.5
Cisco Unified Meetingplace 8.5.1
Cisco Unified Meetingplace 8.5.2
Cisco Unified Meetingplace 8.5.3
Cisco Unified Meetingplace 8.5.4
801
VMScore
CVE-2012-3075
The administrative web interface on Cisco TelePresence Immersive Endpoint Devices prior to 1.7.4 allows remote authenticated users to execute arbitrary commands via a malformed request on TCP port 443, aka Bug ID CSCtn99724.
Cisco Telepresence System Software
Cisco Telepresence System Software 1.2.3(1101)
Cisco Telepresence System Software 1.3.2(1393)
Cisco Telepresence System Software 1.4.7(2229)
Cisco Telepresence System Software 1.5.1(2082)
Cisco Telepresence System Software 1.5.3(2115)
Cisco Telepresence System Software 1.5.10(3648)
Cisco Telepresence System Software 1.5.11(3659)
Cisco Telepresence System Software 1.5.12(3701)
Cisco Telepresence System Software 1.5.13(3717)
Cisco Telepresence System Software 1.6.0(3954)
Cisco Telepresence System Software 1.6.2(4023)
739
VMScore
CVE-2012-3074
An unspecified API on Cisco TelePresence Immersive Endpoint Devices prior to 1.9.1 allows remote malicious users to execute arbitrary commands by leveraging certain adjacency and sending a malformed request on TCP port 61460, aka Bug ID CSCtz38382.
Cisco Telepresence System Software
Cisco Telepresence System Software 1.2.3(1101)
Cisco Telepresence System Software 1.3.2(1393)
Cisco Telepresence System Software 1.4.7(2229)
Cisco Telepresence System Software 1.5.1(2082)
Cisco Telepresence System Software 1.5.3(2115)
Cisco Telepresence System Software 1.5.10(3648)
Cisco Telepresence System Software 1.5.11(3659)
Cisco Telepresence System Software 1.5.12(3701)
Cisco Telepresence System Software 1.5.13(3717)
Cisco Telepresence System Software 1.6.0(3954)
Cisco Telepresence System Software 1.6.2(4023)
890
VMScore
CVE-2014-0650
The web interface in Cisco Secure Access Control System (ACS) 5.x prior to 5.4 Patch 3 allows remote malicious users to execute arbitrary operating-system commands via a request to this interface, aka Bug ID CSCue65962.
Cisco Secure Access Control System
Cisco Secure Access Control System 5.1
Cisco Secure Access Control System 5.1.0.44
Cisco Secure Access Control System 5.1.0.44.1
Cisco Secure Access Control System 5.1.0.44.2
Cisco Secure Access Control System 5.1.0.44.3
Cisco Secure Access Control System 5.1.0.44.4
Cisco Secure Access Control System 5.1.0.44.5
Cisco Secure Access Control System 5.2
Cisco Secure Access Control System 5.2.0.26
Cisco Secure Access Control System 5.2.0.26.1
Cisco Secure Access Control System 5.2.0.26.2
1000
VMScore
CVE-2014-3828
Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allow remote malicious users to execute arbitrary SQL commands via (1) the index_id parameter to views/graphs/common/makeXML_ListMetrics.php, (2) the sid para...
Merethis Centreon 2.5.1
Merethis Centreon Enterprise Server 2.2
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-54130
firmware
CVE-2024-42327
CVE-2024-42448
CVE-2024-54126
CVE-2024-53846
CVE-2024-38920
XPath injection
HTML injection
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »