Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
snoopy vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2009-2854
Wordpress prior to 2.8.3 does not check capabilities for certain actions, which allows remote malicious users to make unauthorized edits or additions via a direct request to (1) edit-comments.php, (2) edit-pages.php, (3) edit.php, (4) edit-category-form.php, (5) edit-link-categor...
Wordpress Wordpress
555
VMScore
CVE-2013-7108
Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and previous versions, and Icinga prior to 1.8.5, 1.9 prior to 1.9.4, and 1.10 prior to 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a l...
Nagios Nagios 3.0
Nagios Nagios 3.0.3
Nagios Nagios 3.0.4
Nagios Nagios 3.2.1
Nagios Nagios 3.2.2
Nagios Nagios 3.2.3
Nagios Nagios
Nagios Nagios 3.0.1
Nagios Nagios 3.0.2
Nagios Nagios 3.1.2
Nagios Nagios 3.2.0
Nagios Nagios 3.4.3
Nagios Nagios 3.5.1
Nagios Nagios 3.1.0
Nagios Nagios 3.1.1
Nagios Nagios 3.4.1
Nagios Nagios 3.4.2
Nagios Nagios 3.0.5
Nagios Nagios 3.0.6
Nagios Nagios 3.3.1
Nagios Nagios 3.4.0
Icinga Icinga 1.9.0
1 EDB exploit
534
VMScore
CVE-2008-3325
Cross-site request forgery (CSRF) vulnerability in Moodle 1.6.x prior to 1.6.7 and 1.7.x prior to 1.7.5 allows remote malicious users to modify profile settings and gain privileges as other users via a link or IMG tag to the user edit profile page.
Moodle Moodle
Debian Debian Linux 4.0
495
VMScore
CVE-2009-2334
wp-admin/admin.php in WordPress and WordPress MU prior to 2.8.1 does not require administrative authentication to access the configuration of a plugin, which allows remote malicious users to specify a configuration file in the page parameter to obtain sensitive information or mod...
Wordpress Wordpress 2.3.3
Wordpress Wordpress 2.3.2
Wordpress Wordpress 2.2.2
Wordpress Wordpress 2.2.1
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.1
Wordpress Wordpress 2.6
Wordpress Wordpress 2.3.1
Wordpress Wordpress 2.2.0
Wordpress Wordpress 2.2
Wordpress Wordpress 2.0.9
Wordpress Wordpress 2.0.8
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.0.10 Rc2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 2.5.1
Wordpress Wordpress 2.5
Wordpress Wordpress 2.3
Wordpress Wordpress 2.2 Revision5003
1 EDB exploit
454
VMScore
CVE-2008-4106
WordPress prior to 2.6.2 does not properly handle MySQL warnings about insertion of username strings that exceed the maximum column width of the user_login column, and does not properly handle space characters when comparing usernames, which allows remote malicious users to chang...
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5-strayhorn
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.10
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.6
Wordpress Wordpress 0.71-gold
Wordpress Wordpress 1.5.1.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.2
Wordpress Wordpress 2.2.1
Wordpress Wordpress 1.0.1-miles
Wordpress Wordpress 1.0.2-blakey
Wordpress Wordpress 1.2.1
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.9
Wordpress Wordpress 2.1
Wordpress Wordpress 2.1.1
445
VMScore
CVE-2014-1878
Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and previous versions, and Icinga prior to 1.8.6, 1.9 prior to 1.9.5, and 1.10 prior to 1.10.3 allows remote malicious users to cause a denial of service (segmentation fault) vi...
Nagios Nagios
Icinga Icinga 1.10.0
Icinga Icinga 1.8.0
Icinga Icinga 1.8.1
Nagios Nagios 4.0.0
Icinga Icinga 1.9.2
Icinga Icinga 1.9.3
Icinga Icinga 1.9.4
Icinga Icinga 1.9.0
Icinga Icinga 1.9.1
Icinga Icinga 1.8.4
Icinga Icinga
Icinga Icinga 1.10.1
Icinga Icinga 1.10.2
Icinga Icinga 1.8.2
Icinga Icinga 1.8.3
Nagios Nagios 4.0.2
435
VMScore
CVE-2009-2851
Cross-site scripting (XSS) vulnerability in the administrator interface in WordPress prior to 2.8.2 allows remote malicious users to inject arbitrary web script or HTML via a comment author URL.
Wordpress Wordpress
1 EDB exploit
435
VMScore
CVE-2007-3555
Cross-site scripting (XSS) vulnerability in index.php in Moodle 1.7.1 allows remote malicious users to inject arbitrary web script or HTML via a style expression in the search parameter, a different vulnerability than CVE-2004-1424.
Moodle Moodle 1.7.1
1 EDB exploit
383
VMScore
CVE-2008-6762
Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backto parameter.
Wordpress Wordpress 2.6
383
VMScore
CVE-2009-0502
Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php in Snoopy 1.2.3, as used in Moodle 1.6 prior to 1.6.9, 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4, allows remote malicious users to inject arbitrary web script or HTML via an HTML block, wh...
Snoopy Snoopy 1.2.3
Moodle Moodle 1.7.4
Moodle Moodle 1.7.5
Moodle Moodle 1.8.5
Moodle Moodle 1.9.2
Moodle Moodle 1.7.0
Moodle Moodle 1.7.1
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.7.2
Moodle Moodle 1.7.3
Moodle Moodle 1.8.4
Moodle Moodle 1.8.6
Moodle Moodle 1.7.6
Moodle Moodle 1.8.1
Moodle Moodle 1.9.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »