Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
scott vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-1311
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote malicious users to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
Microsoft Internet Explorer 8
1 EDB exploit
NA
CVE-2023-48901
A SQL injection vulnerability in tramyardg Autoexpress version 1.3.0, allows remote unauthenticated malicious users to execute arbitrary SQL commands via the parameter "id" within the getPhotosByCarId function call in details.php.
NA
CVE-2023-48902
An issue exists in tramyardg autoexpress version 1.3.0, allows unauthenticated remote malicious users to escalate privileges, update car data, delete vehicles, and upload car images via authentication bypass in uploadCarImages.php.
NA
CVE-2023-48903
Stored Cross-Site Scripting (XSS) vulnerability in tramyardg autoexpress 1.3.0, allows remote unauthenticated malicious users to inject arbitrary web script or HTML within parameter "imgType" via in uploadCarImages.php.
NA
CVE-2013-0025
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote malicious users to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SLayoutRun Use After Free Vulnerability."
Microsoft Internet Explorer 8
2 EDB exploits
NA
CVE-2014-1683
The bashMail function in cms/data/skins/techjunkie/fragments/contacts/functions.php in SkyBlueCanvas CMS prior to 1.1 r248-04, when the pid parameter is 4, allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) name, (2) email, (3) subject...
Skybluecanvas Skybluecanvas
2 EDB exploits
5.4
CVSSv3
CVE-2019-7004
A Cross-Site Scripting (XSS) vulnerability in the WebUI component of IP Office Application Server could allow unauthorized code execution and potentially disclose sensitive information. All product versions 11.x are affected. Product versions before 11.0, including unsupported ve...
Avaya Ip Office Application Server
NA
CVE-2003-0955
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, whic...
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
2 EDB exploits
NA
CVE-2013-0632
administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote malicious users to bypass authentication and possibly execute arbitrary code by logging in to the RDS component using the default empty password and leveraging this session to access the administrative ...
Adobe Coldfusion 9.0
Adobe Coldfusion 9.0.1
Adobe Coldfusion 9.0.2
Adobe Coldfusion 10.0
3 EDB exploits
3 Github repositories
NA
CVE-2003-0605
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote malicious users to cause a denial of service (crash), and local malicious users to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause ...
Microsoft Windows 2000
10 EDB exploits
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5