Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ivan sanchez vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2783
Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware, Groupware Webmail Edition, and Kronolith allow remote malicious users to inject arbitrary web script or HTML via the timestamp parameter to (1) week.php, (2) workweek.php, and (3) day.php; and (4) the horde p...
Horde Groupware
Horde Groupware Webmail Edition
Horde Kronolith
3 EDB exploits
NA
CVE-2008-1621
Multiple cross-site scripting (XSS) vulnerabilities in GeeCarts allow remote malicious users to inject arbitrary web script or HTML via the id parameter to (1) show.php, (2) search.php, and (3) view.php. NOTE: the provenance of this information is unknown; the details are obtaine...
Geertsen Holdings Inc Geecarts
3 EDB exploits
NA
CVE-2007-5290
Multiple cross-site scripting (XSS) vulnerabilities in MailBee WebMail Pro 3.4 and previous versions; and possibly MailBee WebMail Pro ASP prior to 3.4.64, WebMail Lite ASP prior to 4.0.11, and WebMail Lite PHP prior to 4.0.22; allow remote malicious users to inject arbitrary web...
Afterlogic Mailbee Webmail
Afterlogic Mailbee Webmail 3.4
Afterlogic Mailbee Webmail 3.2
Afterlogic Mailbee Webmail 3.3
Afterlogic Mailbee Webmail 3.1
2 EDB exploits
NA
CVE-2009-3152
Multiple cross-site scripting (XSS) vulnerabilities in becommunity/community/index.php in NTSOFT BBS E-Market Professional allow remote malicious users to inject arbitrary web script or HTML via the (1) page, (2) bt_code, and (3) b_no parameters in a board view action.
Nt Bbs E-market
1 EDB exploit
NA
CVE-2008-2752
Microsoft Word 2000 9.0.2812 and 2003 11.8106.8172 does not properly handle unordered lists, which allows user-assisted remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .doc file. NOTE: ...
Microsoft Word 2000
Microsoft Word 2003
1 EDB exploit
NA
CVE-2009-0611
Multiple cross-site scripting (XSS) vulnerabilities in qfsearch/AdminServlet in QuickFinder Server in Novell Open Enterprise Server 1.x allow remote malicious users to inject arbitrary web script or HTML via (1) the siteloc parameter in a displayaddsite action, the site parameter...
Novell Open Enterprise Server 1.x
1 EDB exploit
NA
CVE-2008-6615
SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 allows remote malicious users to execute arbitrary SQL commands via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solel...
Zen-cart Zen Cart 2008
1 EDB exploit
NA
CVE-2007-5952
Cross-site scripting (XSS) vulnerability in admin/index.php in Helios Calendar 1.2.1 Beta allows remote malicious users to inject arbitrary web script or HTML via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from thi...
Helioscalendar Helios Calendar 1.2.1 Beta
1 EDB exploit
NA
CVE-2007-5647
Multiple cross-site scripting (XSS) vulnerabilities in SocketKB 1.1.5 allow remote malicious users to inject arbitrary web script or HTML via the (1) art_id or (2) node parameter in an article action to the default URI.
Socketkb Socketkb 1.1.5
1 EDB exploit
NA
CVE-2007-5649
Cross-site scripting (XSS) vulnerability in lostpwd.php in Creative Digital Resources SocketMail 2.2.1 allows remote malicious users to inject arbitrary web script or HTML via the lost_id parameter.
Socketmail Socketmail 2.2.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »