Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manuel garcia cardenas vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2020-8789
Composr 10.0.30 allows Persistent XSS via a Usergroup name under the Security configuration.
Composr Project Composr
505
VMScore
CVE-2013-2624
Telean prior to 1.3.1 contains a full path disclosure vulnerability which could allow remote malicious users to obtain sensitive information through a specially crafted URL request.
Telaen Project Telaen
1 EDB exploit
445
VMScore
CVE-2013-2631
TinyWebGallery (TWG) 1.8.9 and previous versions contains a full path disclosure vulnerability which allows remote malicious users to obtain sensitive information through the parameters "twg_browserx" and "twg_browsery" in the page image.php.
Tinywebgallery Tinywebgallery
585
VMScore
CVE-2013-2621
Open Redirection Vulnerability in the redir.php script in Telaen prior to 1.3.1 allows remote malicious users to redirect victims to arbitrary websites via a crafted URL.
Telaen Project Telaen
1 EDB exploit
383
VMScore
CVE-2013-2622
Cross-site Scripting (XSS) in UebiMiau 2.7.11 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the "selected_theme" parameter in error.php.
Uebimiau Uebimiau
435
VMScore
CVE-2013-2623
Cross-site Scripting (XSS) in Telaen prior to 1.3.1 allows remote malicious users to inject arbitrary web script or HTML via the "f_email" parameter in index.php.
Telaen Project Telaen
1 EDB exploit
585
VMScore
CVE-2019-12922
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.
Phpmyadmin Phpmyadmin
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 EDB exploit
312
VMScore
CVE-2019-11226
CMS Made Simple 2.2.10 has XSS via the m1_name parameter in "Add Article" under Content -> Content Manager -> News.
Cmsmadesimple Cms Made Simple 2.2.10
755
VMScore
CVE-2019-9618
The GraceMedia Media Player plugin 1.0 for WordPress allows Local File Inclusion via the "cfg" parameter.
Gracemedia Media Player Project Gracemedia Media Player 1.0
1 EDB exploit
755
VMScore
CVE-2018-10969
SQL injection vulnerability in the Pie Register plugin prior to 3.0.10 for WordPress allows remote malicious users to execute arbitrary SQL commands via the invitation codes grid.
Genetechsolutions Pie Register
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »