Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secpod research vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-1007
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote malicious users to inject arbitrary web script or HTML via (1) the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to (2) struts-cookbook/processSimple.do ...
Apache Struts 1.3.10
1 EDB exploit
NA
CVE-2012-1009
NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build 0186 allow remote malicious users to cause a denial of service (daemon crash) via a malformed LPD request.
Netsarang Xlpd 4
Netsarang Xmanager Enterprise 4
1 EDB exploit
NA
CVE-2012-1464
Dashboard Server for NetMechanica NetDecision prior to 4.6.1 allows remote malicious users to obtain the installation path via a request with a trailing "?" character, which causes Dashboard to attempt to access a non-existent resource. NOTE: some of these details are o...
Netmechanica Netdecision
1 EDB exploit
NA
CVE-2012-1006
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) name or (2) lastName parameter to struts2-showcase/person/editPerson.action, or the (3) clientName parameter to st...
Apache Struts 2.0.14
Apache Struts 2.2.3
1 EDB exploit
NA
CVE-2012-1008
OfficeSIP Server 3.1 allows remote malicious users to cause a denial of service (daemon crash) via a crafted To header in a SIP INVITE message.
Officesip Officesip Server 3.1
1 EDB exploit
NA
CVE-2011-4720
Hillstone HS TFTP Server 1.3.2 allows remote malicious users to cause a denial of service (daemon crash) via a long filename in a (1) RRQ or (2) WRQ operation.
Hillstone Software Hs Tftp Server 1.3.2
1 EDB exploit
NA
CVE-2011-4722
Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote malicious users to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.
Ipswitch Tftp Server 1.0.0.24
1 EDB exploit
NA
CVE-2012-1005
Multiple cross-site scripting (XSS) vulnerabilities in Sphinx Software Mobile Web Server 3.1.2.47 allow remote malicious users to inject arbitrary web script or HTML via the comment parameter to a blog, as demonstrated using (1) Blog/MyFirstBlog.txt or (2) Blog/AboutSomething.txt...
Sphinx-soft Mobile Web Server 3.1.2.47
1 EDB exploit
NA
CVE-2011-3393
Multiple cross-site scripting (XSS) vulnerabilities in findagent.php in MYRE Real Estate Software allow remote malicious users to inject arbitrary web script or HTML via the (1) country1, (2) state1, or (3) city1 parameter.
Myrephp Myre Real Estate Software
1 EDB exploit
NA
CVE-2011-3394
SQL injection vulnerability in findagent.php in MYRE Real Estate Software allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Myrephp Myre Real Estate Software
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »