Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knowledge base vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6567
PHP remote file inclusion vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2.0.2 module for mxBB allows remote malicious users to execute arbitrary PHP code via a URL in the module_root_path parameter.
Mxbb Kb Mods 2.0.2
1 EDB exploit
8.2
CVSSv3
CVE-2021-2198
Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Setup, Admin). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP ...
NA
CVE-2005-3850
Cross-site scripting (XSS) vulnerability in search.asp in Online Knowledge Base System (OKBSYS) Lite Edition 1.0 allows remote malicious users to inject arbitrary web script or HTML via hex-encoded values in the q parameter.
Onlinetechtools.com Okbsys Lite 1.0
8.8
CVSSv3
CVE-2023-41357
Galaxy Software Services Corporation Vitals ESP is an online knowledge base management portal, it has insufficient filtering and validation during file upload. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload and execute script...
Gss Vitals Enterprise Social Platform
9.8
CVSSv3
CVE-2017-9602
KBVault Mysql Free Knowledge Base application package 0.16a comes with a FileExplorer/Explorer.aspx?id=/Uploads file-management component. An unauthenticated user can access the file upload and deletion functionality. Through this functionality, a user can upload an ASPX script t...
Kbvault Mysql Project Kbvault Mysql 0.16a
1 EDB exploit
4.3
CVSSv3
CVE-2020-12027
All versions of FactoryTalk View SE disclose the hostnames and file paths for certain files within the system. A remote, authenticated attacker may be able to leverage this information for reconnaissance efforts. Rockwell Automation recommends enabling built in security features ...
Rockwellautomation Factorytalk View
8.1
CVSSv3
CVE-2020-12028
In all versions of FactoryTalk View SEA remote, an authenticated attacker may be able to utilize certain handlers to interact with the data on the remote endpoint since those handlers do not enforce appropriate permissions. Rockwell Automation recommends enabling built in securit...
Rockwellautomation Factorytalk View
5.4
CVSSv3
CVE-2019-14548
An issue exists in EspoCRM prior to 5.6.9. Stored XSS in the body of an Article was executed when a victim opens articles received through mail. This Article can be formed by an attacker using the Knowledge Base feature in the tab list. The attacker could inject malicious JavaScr...
Espocrm Espocrm
NA
CVE-2000-0236
Netscape Enterprise Server with Directory Indexing enabled allows remote malicious users to list server directories via web publishing tags such as ?wp-ver-info and ?wp-cs-dump.
Netscape Enterprise Server 3.6
Netscape Enterprise Server 3.0
Netscape Enterprise Server 3.5.1
1 EDB exploit
NA
CVE-2024-2845
The BetterDocs – Best Documentation, FAQ & Knowledge Base Plugin with AI Support & Instant Answer For Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including,...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »