Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knockout vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-14862
There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it.
Knockoutjs Knockout
Redhat Decision Manager 7.0
Redhat Process Automation 7.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Goldengate 12.3.0.1.2
8.8
CVSSv3
CVE-2017-6968
GMV Checker ATM Security before 5.0.18 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka PT-2017-03.
Gmv Checker Atm Security -
1 Article
7.8
CVSSv3
CVE-2016-8009
Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows malicious users to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call.
Mcafee Application Control 7.0.0
Mcafee Application Control 6.1.0
Mcafee Application Control 6.1.2
Mcafee Application Control 6.1.3
Mcafee Application Control 6.2.0
Mcafee Application Control 6.0.0
Mcafee Application Control 6.1.1
1 Article
9.8
CVSSv3
CVE-2019-8121
An insecure component vulnerability exists in Magento 2.1 before 2.1.19, Magento 2.2 before 2.2.10, Magento 2.3 before 2.3.3. Magento 2 codebase leveraged outdated versions of JS libraries (Bootstrap, jquery, Knockout) with known security vulnerabilities.
Magento Magento
NA
CVE-2008-6516
Multiple directory traversal vulnerabilities in phpKF-Portal 1.10 allow remote malicious users to include arbitrary files via a .. (dot dot) in the (1) tema_dizin parameter to baslik.php and (2) portal_ayarlarportal_dili parameter to anket_yonetim.php. NOTE: the provenance of thi...
Phpkf Phpkf-portal 1.0
2 EDB exploits
NA
CVE-2010-3608
Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote malicious users to execute arbitrary SQL commands via the (1) id and (2) password (pw) parameters to (a) admin.php or (b) user.php.
Wire Plastic Design Wpquiz 2.7
1 EDB exploit
NA
CVE-2009-2117
uye_paneli.php in phPortal 1.0 allows remote malicious users to bypass authentication and obtain administrative access by setting the kulladi cookie to a valid username.
Phportal Phportal 1.0
1 EDB exploit
NA
CVE-2010-4797
Multiple SQL injection vulnerabilities in the log-in form in Truworth Flex Timesheet allow remote malicious users to execute arbitrary SQL commands via the (1) Username and (2) Password fields.
Truworthit Flex Timesheet
1 EDB exploit
NA
CVE-2008-2634
SQL injection vulnerability in index.asp in I-Pos Internet Pay Online Store 1.3 Beta and previous versions allows remote malicious users to execute arbitrary SQL commands via the item parameter.
Bearrivernet.net I-pos Internet Pay Online Store 1.1
Bearrivernet.net I-pos Internet Pay Online Store
1 EDB exploit
NA
CVE-2008-2872
SQL injection vulnerability in default.asp in sHibby sHop 2.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the sayfa parameter.
Aspindir Shibby Shop
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »