portcullis-security.com vulnerabilities and exploits
NA
CVE-2014-2591
Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting.
Bmc Patrol Agent 3.9.00
NA
CVE-2014-2042
Unrestricted file upload vulnerability in the Manage Project functionality in Livetecs Timelive prior to 6.5.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a pre...
Livetecs Timeline 6.2.71
Livetecs Timeline 6.2.7
Livetecs Timeline 4.3.1
Livetecs Timeline 4.2.1
Livetecs Timeline 3.0.5
Livetecs Timeline 3.0.3
Livetecs Timeline 6.2.3
Livetecs Timeline 6.2.1
Livetecs Timeline 3.6.1
Livetecs Timeline 3.5.1
Livetecs Timeline 2.91
Livetecs Timeline 2.81
Livetecs Timeline 6.2.6
Livetecs Timeline 6.2.4
Livetecs Timeline 3.8.1
Livetecs Timeline 3.7.1
Livetecs Timeline 3.0.1
Livetecs Timeline 2.94
Livetecs Timeline
Livetecs Timeline 6.0.1
Livetecs Timeline 5.2.1
Livetecs Timeline 4.9.1
NA
CVE-2015-5074
Incomplete blacklist vulnerability in the FileUploadsFilter class in protected/components/filters/FileUploadsFilter.php in X2Engine X2CRM prior to 5.0.9 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a .pht extension.
X2engine X2crm
1 EDB exploit
NA
CVE-2015-5075
Cross-site request forgery (CSRF) vulnerability in X2Engine X2CRM prior to 5.2 allows remote malicious users to hijack the authentication of administrators for requests that create an administrative account via a crafted request to index.php/users/create.
X2engine X2crm
1 EDB exploit
NA
CVE-2012-2179
libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
Ibm Aix 5.3
Ibm Aix 6.1
Ibm Aix 7.1
1 EDB exploit
NA
CVE-2014-7177
XML External Entity vulnerability in Enalean Tuleap 7.2 and previous versions allows remote authenticated users to read arbitrary files via a crafted XML document in a create action to plugins/tracker/.
Enalean Tuleap
1 EDB exploit
NA
CVE-2014-7178
Enalean Tuleap prior to 7.5.99.6 allows remote malicious users to execute arbitrary commands via the User-Agent header, which is provided to the passthru PHP function.
Enalean Tuleap
1 EDB exploit
NA
CVE-2014-5308
Multiple SQL injection vulnerabilities in TestLink 1.9.11 allow remote authenticated users to execute arbitrary SQL commands via the (1) name parameter in a Search action to lib/project/projectView.php or (2) id parameter to lib/events/eventinfo.php.
Testlink Testlink 1.9.11
1 EDB exploit
NA
CVE-2013-5795
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.1, 12.2.2, and 12.2.3 allows remote malicious users to affect confidentiality via unknown vectors related to DM Others.
Oracle Supply Chain Products Suite Sql-server 12.2.3
Oracle Supply Chain Products Suite 7.2.0.3
Oracle Supply Chain Products Suite Sql-server 12.2.1
Oracle Supply Chain Products Suite Sql-server 12.2.2
Oracle Supply Chain Products Suite Sql-server 7.3.0
Oracle Supply Chain Products Suite Sql-server 7.3.1
1 EDB exploit
NA
CVE-2014-6389
backup.php in PHPCompta/NOALYSS prior to 6.7.2 allows remote malicious users to execute arbitrary commands via shell metacharacters in the d parameter.
Phpcompta Phpcompta/noalyss
1 EDB exploit