Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kenneth belva vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-2787
comment_delete_cgi.php in Simple PHP Blog allows remote malicious users to delete arbitrary files via the comment parameter.
Alexander Palmo Simple Php Blog 0.4.0
1 EDB exploit
NA
CVE-2005-2192
SimplePHPBlog 0.4.0 stores password hashes in config/password.txt with insufficient access control, which allows remote malicious users to obtain passwords via a brute force attack.
Alexander Palmo Simple Php Blog 0.4.0
1 EDB exploit
NA
CVE-2014-6619
Multiple cross-site scripting (XSS) vulnerabilities in register-exec.php in Restaurant Script (PizzaInn_Project) 1.0.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) fname, (2) lname, or (3) login parameter.
Restaurantmis Restaurant Script 1.0.0
1 EDB exploit
NA
CVE-2005-2733
upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote malicious users to execute arbitrary code.
Alexander Palmo Simple Php Blog 0.4.0
2 EDB exploits
NA
CVE-2006-2531
Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote malicious users to spoof being a trusted console and bypass authentication by setting HTTP User-Agent header to "Ipswitch/1.0" and the User-Application header...
Ipswitch Whatsup Professional 2006
1 EDB exploit
NA
CVE-2015-2043
Multiple cross-site scripting (XSS) vulnerabilities in Visualware MyConnection Server 8.2b allow remote malicious users to inject arbitrary web script or HTML via the (1) bt, (2) variable, or (3) et parameter to myspeed/db/historyitem.
Visualware Myconnection Server 8.2b
NA
CVE-2014-3148
Cross-site scripting (XSS) vulnerability in libahttp/err.c in OkCupid OKWS (OK Web Server) allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to a non-existent page, which is not properly handled in a 404 error page.
Ok Web Server Project Ok Web Server -
NA
CVE-2014-6618
Cross-site scripting (XSS) vulnerability in Your Online Shop allows remote malicious users to inject arbitrary web script or HTML via the products_id parameter.
Your Online Shop Project Your Online Shop -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started