Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knockout vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-14862
There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it.
Knockoutjs Knockout
Redhat Decision Manager 7.0
Redhat Process Automation 7.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Goldengate 12.3.0.1.2
801
VMScore
CVE-2017-6968
GMV Checker ATM Security before 5.0.18 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka PT-2017-03.
Gmv Checker Atm Security -
1 Article
409
VMScore
CVE-2016-8009
Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows malicious users to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call.
Mcafee Application Control 7.0.0
Mcafee Application Control 6.1.0
Mcafee Application Control 6.1.2
Mcafee Application Control 6.1.3
Mcafee Application Control 6.2.0
Mcafee Application Control 6.0.0
Mcafee Application Control 6.1.1
1 Article
668
VMScore
CVE-2019-8121
An insecure component vulnerability exists in Magento 2.1 before 2.1.19, Magento 2.2 before 2.2.10, Magento 2.3 before 2.3.3. Magento 2 codebase leveraged outdated versions of JS libraries (Bootstrap, jquery, Knockout) with known security vulnerabilities.
Magento Magento
760
VMScore
CVE-2008-6516
Multiple directory traversal vulnerabilities in phpKF-Portal 1.10 allow remote malicious users to include arbitrary files via a .. (dot dot) in the (1) tema_dizin parameter to baslik.php and (2) portal_ayarlarportal_dili parameter to anket_yonetim.php. NOTE: the provenance of thi...
Phpkf Phpkf-portal 1.0
2 EDB exploits
755
VMScore
CVE-2010-4503
SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote malicious users to execute arbitrary SQL commands via the ID parameter in an export action.
Aigaion Aigaion 1.3.4
1 EDB exploit
755
VMScore
CVE-2010-4912
SQL injection vulnerability in shop.php in UCenter Home 2.0 allows remote malicious users to execute arbitrary SQL commands via the shopid parameter in a view action.
Discuz Ucenter Home 2.0
1 EDB exploit
755
VMScore
CVE-2010-4797
Multiple SQL injection vulnerabilities in the log-in form in Truworth Flex Timesheet allow remote malicious users to execute arbitrary SQL commands via the (1) Username and (2) Password fields.
Truworthit Flex Timesheet
1 EDB exploit
755
VMScore
CVE-2010-4855
SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote malicious users to execute arbitrary SQL commands via the makale_id parameter.
Aspindir Xweblog 2.2
1 EDB exploit
755
VMScore
CVE-2008-1493
Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
Cuteflow-bin Cuteflow Bin 1.5
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »