Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ivan sanchez vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2008-1621
Multiple cross-site scripting (XSS) vulnerabilities in GeeCarts allow remote malicious users to inject arbitrary web script or HTML via the id parameter to (1) show.php, (2) search.php, and (3) view.php. NOTE: the provenance of this information is unknown; the details are obtaine...
Geertsen Holdings Inc Geecarts
3 EDB exploits
445
VMScore
CVE-2008-2783
Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware, Groupware Webmail Edition, and Kronolith allow remote malicious users to inject arbitrary web script or HTML via the timestamp parameter to (1) week.php, (2) workweek.php, and (3) day.php; and (4) the horde p...
Horde Groupware
Horde Groupware Webmail Edition
Horde Kronolith
3 EDB exploits
435
VMScore
CVE-2009-3152
Multiple cross-site scripting (XSS) vulnerabilities in becommunity/community/index.php in NTSOFT BBS E-Market Professional allow remote malicious users to inject arbitrary web script or HTML via the (1) page, (2) bt_code, and (3) b_no parameters in a board view action.
Nt Bbs E-market
1 EDB exploit
440
VMScore
CVE-2007-5290
Multiple cross-site scripting (XSS) vulnerabilities in MailBee WebMail Pro 3.4 and previous versions; and possibly MailBee WebMail Pro ASP prior to 3.4.64, WebMail Lite ASP prior to 4.0.11, and WebMail Lite PHP prior to 4.0.22; allow remote malicious users to inject arbitrary web...
Afterlogic Mailbee Webmail
Afterlogic Mailbee Webmail 3.4
Afterlogic Mailbee Webmail 3.2
Afterlogic Mailbee Webmail 3.3
Afterlogic Mailbee Webmail 3.1
2 EDB exploits
715
VMScore
CVE-2008-2752
Microsoft Word 2000 9.0.2812 and 2003 11.8106.8172 does not properly handle unordered lists, which allows user-assisted remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .doc file. NOTE: ...
Microsoft Word 2000
Microsoft Word 2003
1 EDB exploit
435
VMScore
CVE-2009-0611
Multiple cross-site scripting (XSS) vulnerabilities in qfsearch/AdminServlet in QuickFinder Server in Novell Open Enterprise Server 1.x allow remote malicious users to inject arbitrary web script or HTML via (1) the siteloc parameter in a displayaddsite action, the site parameter...
Novell Open Enterprise Server 1.x
1 EDB exploit
755
VMScore
CVE-2008-6615
SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 allows remote malicious users to execute arbitrary SQL commands via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solel...
Zen-cart Zen Cart 2008
1 EDB exploit
435
VMScore
CVE-2008-6616
Cross-site scripting (XSS) vulnerability in index.php in Zen Software Zen Cart 2008 allows remote malicious users to inject arbitrary web script or HTML via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details ...
Zen-cart Zen Cart 2008
1 EDB exploit
935
VMScore
CVE-2008-3956
orgchart.exe in Microsoft Organization Chart 2.00 allows user-assisted malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .opx file.
Microsoft Organization Chart 2.00
1 EDB exploit
435
VMScore
CVE-2007-5952
Cross-site scripting (XSS) vulnerability in admin/index.php in Helios Calendar 1.2.1 Beta allows remote malicious users to inject arbitrary web script or HTML via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from thi...
Helioscalendar Helios Calendar 1.2.1 Beta
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »