Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
l0rd vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-12908
Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote malicious users to obtain sensitive information via a direct request for the /dashboard/deposit URI, as demonstrated by discovering database credentials.
Brynamics Brynamics -
1 EDB exploit
8.8
CVSSv3
CVE-2018-12519
An issue exists in ShopNx through 2017-11-17. The vulnerability allows a remote malicious user to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials.
Codenx Shopnx
1 EDB exploit
6.1
CVSSv3
CVE-2018-13849
edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on preg_replace.
Instagram-clone Project Instagram-clone
1 EDB exploit
NA
CVE-2010-5008
SQL injection vulnerability in pages/contact_list_mail_form.asp in BrightSuite Groupware 5.4 allows remote malicious users to execute arbitrary SQL commands via the ContactID parameter.
Denaliintranet Brightsuite Groupware 5.4
1 EDB exploit
NA
CVE-2010-5020
SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Netartmedia Iboutique 4.0
1 EDB exploit
NA
CVE-2010-5021
SQL injection vulnerability in view_group.asp in Digital Interchange Document Library 5.8.5 allows remote malicious users to execute arbitrary SQL commands via the intGroupID parameter.
Cramerdev Document Library 5.8.5
1 EDB exploit
NA
CVE-2010-5023
SQL injection vulnerability in index.asp in Digital Interchange Calendar 5.8.5 allows remote malicious users to execute arbitrary SQL commands via the intDivisionID parameter.
Cramerdev Digital Interchange Calendar 5.8.5
1 EDB exploit
NA
CVE-2010-4997
SQL injection vulnerability in index.php in OlyKit Swoopo Clone 2010 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a product action.
Olykit Swoopo Clone 2010
1 EDB exploit
NA
CVE-2010-5027
Cross-site scripting (XSS) vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote malicious users to inject arbitrary web script or HTML via the type parameter. NOTE: some of these details are obtained from third party information.
Sfiab Science Fair In A Box 2.2.0
Sfiab Science Fair In A Box 2.0.6
1 EDB exploit
NA
CVE-2010-5022
SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the view parameter to index.php.
Harmistechnology Com Jesubmit 1.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »