Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jonathan claudius vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2012-5193
Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 2.8.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the path info to (1) stats/index.php or (2) newsletters/edition.php or the (3) username parameter to users/remind_p...
Bitweaver Bitweaver
1 EDB exploit
NA
CVE-2012-5192
Directory traversal vulnerability in gmap/view_overlay.php in Bitweaver 2.8.1 and previous versions allows remote malicious users to read arbitrary files via "''%2F" (dot dot encoded slash) sequences in the overlay_type parameter.
Bitweaver Bitweaver 2.7
Bitweaver Bitweaver 2.6
Bitweaver Bitweaver 2.5
Bitweaver Bitweaver 2.0.2
Bitweaver Bitweaver 1.1
Bitweaver Bitweaver
Bitweaver Bitweaver 2.0.0
Bitweaver Bitweaver 1.3
Bitweaver Bitweaver 1.1.1 Beta
Bitweaver Bitweaver 1.3.1
Bitweaver Bitweaver 1.2.1
1 EDB exploit
NA
CVE-2013-5745
The vino_server_client_data_pending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and previous versions, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remo...
David King Vino 3.6.2
David King Vino
David King Vino 3.4.2
David King Vino 3.2.1
David King Vino 3.2.0
David King Vino 3.1.2
David King Vino 3.1.1
David King Vino 2.99.3
David King Vino 2.99.2
David King Vino 2.8.0
David King Vino 3.6.0
David King Vino 3.6.1
David King Vino 3.3.1
David King Vino 3.2.2
David King Vino 3.1.4
David King Vino 3.1.3
David King Vino 3.0.0
David King Vino 2.99.5
David King Vino 2.99.4
David King Vino 2.8.1
David King Vino 2.8.0.1
David King Vino 2.7.4.90
1 EDB exploit
NA
CVE-2013-1194
The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote malicious users to enumerate groups via a series of messages, ak...
Cisco Adaptive Security Appliance Software -
Cisco Adaptive Security Appliance
NA
CVE-2012-3848
Multiple cross-site scripting (XSS) vulnerabilities in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) prior to 9.5.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the query string to d4d/exporters.php, (2) the HTTP Referer hea...
Sonicwall Scrutinizer
1 EDB exploit
NA
CVE-2012-3951
The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and previous versions has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote malicious users to execute arbitrary SQL commands via a TCP sessi...
Sonicwall Scrutinizer
1 EDB exploit
NA
CVE-2012-2626
cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) prior to 9.5.0 does not require token authentication, which allows remote malicious users to add administrative accounts via a userprefs action.
Sonicwall Scrutinizer
1 EDB exploit
NA
CVE-2012-2627
d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) prior to 9.5.0 allows remote malicious users to create or overwrite arbitrary files in %PROGRAMFILES%\Scrutinizer\snmp\mibs\ via a multipart/form-data POST request.
Sonicwall Scrutinizer
1 EDB exploit
NA
CVE-2012-1262
Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type prior to 4.38, 5.0x prior to 5.07, and 5.1x prior to 5.13, when the product is incompletely installed, allows remote malicious users to inject arbitrary web script or HTML via the dbuser paramete...
Movabletype Movable Type Open Source 5.04
Movabletype Movable Type Open Source 5.031
Movabletype Movable Type Open Source 4.34
Movabletype Movable Type Open Source 4.33
Movabletype Movable Type Open Source 4.2
Movabletype Movable Type Open Source 4.1
Movabletype Movable Type Open Source 5.12
Movabletype Movable Type Open Source 5.11
Movabletype Movable Type Open Source 5.03
Movabletype Movable Type Open Source 5.02
Movabletype Movable Type Open Source 4.32
Movabletype Movable Type Open Source 4.31
Movabletype Movable Type Open Source 4.3
Movabletype Movable Type Open Source 4.0
Movabletype Movable Type Open Source 5.05
Movabletype Movable Type Open Source 5.1
Movabletype Movable Type Open Source 4.36
Movabletype Movable Type Open Source 4.35
Movabletype Movable Type Open Source 4.25
Movabletype Movable Type Open Source 4.23
Movabletype Movable Type Open Source 5.06
Movabletype Movable Type Open Source 5.051
NA
CVE-2011-4898
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote malicious users to co...
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.0.4
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 0.711
Wordpress Wordpress 3.1.4
Wordpress Wordpress 2.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 2.1.3
Wordpress Wordpress 3.0
Wordpress Wordpress 2.8
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »