Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
journal vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-24050
Cross Site Scripting (XSS) vulnerability in Sourcecodester Workout Journal App 1.0 allows malicious users to run arbitrary code via parameters firstname and lastname in /add-user.php.
755
VMScore
CVE-2006-5720
SQL injection vulnerability in modules/journal/search.php in the Journal module in Francisco Burzi PHP-Nuke 7.9 and previous versions allows remote malicious users to execute arbitrary SQL commands via the forwhat parameter.
Francisco Burzi Php-nuke 7.7
Francisco Burzi Php-nuke 7.8
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.4
Francisco Burzi Php-nuke 7.5
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke
1 EDB exploit
NA
CVE-2012-14671
Open Journal Systems version 2.3.6 suffers from file manipulation, cross site scripting, and shell upload vulnerabilities.
NA
CVE-2012-14693
Open Journal Systems version 2.3.6 suffers from file manipulation, cross site scripting, and shell upload vulnerabilities.
685
VMScore
CVE-2011-5195
Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Conference Systems 2.3.4 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that upload a PHP file.
Public Knowledge Project Open Conference Systems 2.0
Public Knowledge Project Open Conference Systems 1.1.7
Public Knowledge Project Open Conference Systems 1.1.6
Public Knowledge Project Open Conference Systems 1.1.5
Public Knowledge Project Open Conference Systems 2.3.1
Public Knowledge Project Open Conference Systems 2.3
Public Knowledge Project Open Conference Systems 2.1.2-1
Public Knowledge Project Open Conference Systems 2.1.2
Public Knowledge Project Open Conference Systems 2.1.1.-2
Public Knowledge Project Open Conference Systems 1.1
Public Knowledge Project Open Conference Systems 1.0
Public Knowledge Project Open Conference Systems
Public Knowledge Project Open Conference Systems 2.3.3
Public Knowledge Project Open Conference Systems 2.1.1-1
Public Knowledge Project Open Conference Systems 2.1.0-1
Public Knowledge Project Open Conference Systems 1.1.3
Public Knowledge Project Open Conference Systems 1.1.1
Public Knowledge Project Open Conference Systems 2.3.3-1
Public Knowledge Project Open Conference Systems 2.3.2
Public Knowledge Project Open Conference Systems 2.1.1
Public Knowledge Project Open Conference Systems 2.1
Public Knowledge Project Open Conference Systems 1.1.4
1 EDB exploit
685
VMScore
CVE-2011-5197
Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Harvester Systems 2.3.1 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that upload PHP files.
Public Knowledge Project Open Harvester Systems 1.0
Public Knowledge Project Open Harvester Systems 1.0.1
Public Knowledge Project Open Harvester Systems 2.0.0
Public Knowledge Project Open Harvester Systems 2.0.1
Public Knowledge Project Open Harvester Systems 2.3.0
Public Knowledge Project Open Harvester Systems
1 EDB exploit
383
VMScore
CVE-2019-16147
Liferay Portal up to and including 7.2.0 GA1 allows XSS via a journal article title to journal_article/page.jsp in journal/journal-taglib.
Liferay Liferay Portal 7.2.0
Liferay Liferay Portal
187
VMScore
CVE-2014-9770
tmpfiles.d/systemd.conf in systemd prior to 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files.
Opensuse Opensuse 13.2
828
VMScore
CVE-2016-0182
Windows Journal in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote malicious users to execute arbitrary code via a crafted Journal (aka .jnt) file, aka "Windows Journal Memory Corruption Vulnerability."
Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows 10 1511
Microsoft Windows 10 -
Microsoft Windows Rt 8.1
Microsoft Windows Vista
828
VMScore
CVE-2015-6097
Heap-based buffer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote malicious users to execute arbitrary code via a crafted Journal (.jnt) file, aka "Windows Journal Heap Overflow Vulnerability.&qu...
Microsoft Windows Server 2008 R2
Microsoft Windows 7 -
Microsoft Windows Vista -
Microsoft Windows Server 2008 -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »