Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
liquidworm vulnerabilities and exploits
(subscribe to this query)
945
VMScore
CVE-2010-1296
Multiple buffer overflows in Adobe Photoshop CS4 prior to 11.0.2 allow user-assisted remote malicious users to execute arbitrary code via a crafted (1) .ASL, (2) .ABR, or (3) .GRD file.
Adobe Photoshop Cs4
Adobe Photoshop Cs4 11.0
3 EDB exploits
450
VMScore
CVE-2011-1062
Multiple cross-site scripting (XSS) vulnerabilities in include/html/header.php in TaskFreak! 0.6.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) sContext, (2) sort, (3) dir, and (4) show parameters in a save action to index.php; the (5) dir and (...
Taskfreak Taskfreak\\! 0.6.4
4 EDB exploits
935
VMScore
CVE-2010-1280
Adobe Shockwave Player prior to 11.5.7.609 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file, related to (1) an erroneous dereference and (2) a certain Shock.dir file.
Adobe Shockwave Player
1 EDB exploit
440
VMScore
CVE-2012-1049
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ADManager Plus 5.2 Build 5210 allow remote malicious users to inject arbitrary web script or HTML via the (1) domainName parameter to jsp/AddDC.jsp or (2) operation parameter to DomainConfig.do.
Manageengine Admanager Plus 5.2
2 EDB exploits
700
VMScore
CVE-2010-5240
Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cp...
Corel Coreldraw X5 15.1.0.588
Corel Photo-paint X3 13.0.0.576
2 EDB exploits
435
VMScore
CVE-2012-2741
Cross-site scripting (XSS) vulnerability in public_html/lists/admin/ in phpList prior to 2.10.18 allows remote malicious users to inject arbitrary web script or HTML via the num parameter in a reconcileusers action.
Phplist Phplist 2.10.12
Phplist Phplist 2.10.10
Phplist Phplist 2.10.2
Phplist Phplist
Phplist Phplist 2.10.16
Phplist Phplist 2.10.15
Phplist Phplist 2.10.14
Phplist Phplist 2.10.13
Phplist Phplist 2.10.8
Phplist Phplist 2.10.7
Phplist Phplist 2.10.5
Phplist Phplist 2.10.4
Phplist Phplist 2.10.11
Phplist Phplist 2.10.9
Phplist Phplist 2.10.3
Phplist Phplist 2.10.1
1 EDB exploit
505
VMScore
CVE-2012-2905
Artiphp CMS 5.5.0 Neo (r422) stores database backups with predictable names under the web root with insufficient access control, which allows remote malicious users to obtain sensitive information via a direct request.
Artiphp Artiphp Cms 5.5.0
1 EDB exploit
435
VMScore
CVE-2012-2911
Cross-site scripting (XSS) vulnerability in backupDB.php in SiliSoftware backupDB() 1.2.7a allows remote malicious users to inject arbitrary web script or HTML via the onlyDB parameter.
Silisoftware Backupdb\\(\\) 1.2.7a
1 EDB exploit
935
VMScore
CVE-2012-5324
Multiple buffer overflows in the Pdf Printer Preferences ActiveX Control in pdfxctrl.dll in Tracker Software PDF-XChange 3.60.0128 allow remote malicious users to execute arbitrary code via a long string in the (1) sub_path parameter to the StoreInRegistry function or (2) sub_key...
Tracker-software Pdf-xchange 3.60.0128
1 EDB exploit
655
VMScore
CVE-2011-1100
Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, or (5) selectftag parameter in an images action.
Pixelpost Pixelpost 1.7.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »