Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
john leitch vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-3462
Cross-site scripting (XSS) vulnerability in backend/plugin/Registration/index.php in Mollify 1.6, 1.6.5.5, and possibly other versions allows remote malicious users to inject arbitrary web script or HTML via the confirm parameter. NOTE: some of these details are obtained from thi...
Mollify Mollify 1.6
Mollify Mollify 1.6.5.5
1 EDB exploit
NA
CVE-2010-2153
Unrestricted file upload vulnerability in admin/code/tce_functions_tcecode_editor.php in TCExam 10.1.006 and 10.1.007 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in ca...
Tecnick Tcexam 10.1.007
Tecnick Tcexam 10.1.006
1 EDB exploit
NA
CVE-2010-5278
Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some ...
Modx Modx Revolution
1 EDB exploit
NA
CVE-2010-2669
Cross-site scripting (XSS) vulnerability in admin/editors/text/editor-body.php in Orbis CMS 1.0.2 allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Novo-ws Orbis Cms 1.0.2
1 EDB exploit
NA
CVE-2010-2850
Directory traversal vulnerability in productionnu2/fileuploader.php in nuBuilder 10.04.20, and possibly other versions prior to 10.07.12, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the dir parameter.
Nusoftware Nubuilder 09.09.23
Nusoftware Nubuilder 09.08.20
Nusoftware Nubuilder
Nusoftware Nubuilder 09.07.24
Nusoftware Nubuilder 09.06.26
Nusoftware Nubuilder 09.06.10
1 EDB exploit
NA
CVE-2010-4518
Cross-site scripting (XSS) vulnerability in wp-safe-search/wp-safe-search-jx.php in the Safe Search plugin 0.7 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the v1 parameter.
Wobeo Wp-safe-search 0.7
1 EDB exploit
9.8
CVSSv3
CVE-2015-8608
The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote malicious users to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter or (2) pInName argument.
Perl Perl 5.22
NA
CVE-2010-2844
Cross-site scripting (XSS) vulnerability in news_show.php in Newanz NewsOffice 2.0.18 allows remote malicious users to inject arbitrary web script or HTML via the n-cat parameter.
Newanz Newsoffice 2.0.18
1 EDB exploit
NA
CVE-2010-4800
SQL injection vulnerability in doadd.php in BaconMap 1.0 allows remote malicious users to execute arbitrary SQL commands via the type parameter.
Baconmap Baconmap 1.0
1 EDB exploit
NA
CVE-2010-4801
Directory traversal vulnerability in admin/updatelist.php in BaconMap 1.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the filepath parameter.
Baconmap Baconmap 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »