Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secpod research vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2011-4720
Hillstone HS TFTP Server 1.3.2 allows remote malicious users to cause a denial of service (daemon crash) via a long filename in a (1) RRQ or (2) WRQ operation.
Hillstone Software Hs Tftp Server 1.3.2
1 EDB exploit
4.3
CVSSv2
CVE-2012-1007
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote malicious users to inject arbitrary web script or HTML via (1) the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to (2) struts-cookbook/processSimple.do ...
Apache Struts 1.3.10
1 EDB exploit
5
CVSSv2
CVE-2012-1009
NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build 0186 allow remote malicious users to cause a denial of service (daemon crash) via a malformed LPD request.
Netsarang Xlpd 4
Netsarang Xmanager Enterprise 4
1 EDB exploit
4.3
CVSSv2
CVE-2011-3393
Multiple cross-site scripting (XSS) vulnerabilities in findagent.php in MYRE Real Estate Software allow remote malicious users to inject arbitrary web script or HTML via the (1) country1, (2) state1, or (3) city1 parameter.
Myrephp Myre Real Estate Software
1 EDB exploit
7.5
CVSSv2
CVE-2011-3394
SQL injection vulnerability in findagent.php in MYRE Real Estate Software allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Myrephp Myre Real Estate Software
1 EDB exploit
5
CVSSv2
CVE-2012-1008
OfficeSIP Server 3.1 allows remote malicious users to cause a denial of service (daemon crash) via a crafted To header in a SIP INVITE message.
Officesip Officesip Server 3.1
1 EDB exploit
5
CVSSv2
CVE-2012-1464
Dashboard Server for NetMechanica NetDecision prior to 4.6.1 allows remote malicious users to obtain the installation path via a request with a trailing "?" character, which causes Dashboard to attempt to access a non-existent resource. NOTE: some of these details are o...
Netmechanica Netdecision
1 EDB exploit
5
CVSSv2
CVE-2012-1466
The Traffic Grapher Server for NetMechanica NetDecision prior to 4.6.1 allows remote malicious users to obtain the source code of NtDecision script files with a .nd extension via an invalid version number in an HTTP request, as demonstrated using default.nd. NOTE: some of these d...
Netmechanica Netdecision
1 EDB exploit
3.5
CVSSv2
CVE-2013-2299
Cross-site scripting (XSS) vulnerability in Advantech WebAccess (formerly BroadWin WebAccess) prior to 7.1 2013.05.30 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Advantech Advantech Webaccess 5.0
Advantech Advantech Webaccess
Advantech Advantech Webaccess 6.0
1 EDB exploit
4.3
CVSSv2
CVE-2012-1005
Multiple cross-site scripting (XSS) vulnerabilities in Sphinx Software Mobile Web Server 3.1.2.47 allow remote malicious users to inject arbitrary web script or HTML via the comment parameter to a blog, as demonstrated using (1) Blog/MyFirstBlog.txt or (2) Blog/AboutSomething.txt...
Sphinx-soft Mobile Web Server 3.1.2.47
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »