Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sub vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-38321
The Custom Menu Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the selected_menu parameter found in the ~/custom-menus.php file which allows malicious users to inject arbitrary web scripts, in versions up to and including 1.3.3.
Custom-sub-menus Project Custom-sub-menus
8.6
CVSSv3
CVE-2021-1624
A vulnerability in the Rate Limiting Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause high CPU utilization in the Cisco QuantumFlow Processor of an affected device, resulting in a denial of service (...
Cisco Ios Xe
NA
CVE-2008-5190
SQL injection vulnerability in index.php in eSHOP100 allows remote malicious users to execute arbitrary SQL commands via the SUB parameter.
Eshop100 Eshop100 Nil
1 EDB exploit
NA
CVE-2008-0479
Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz NewsPad 1.02 allows remote malicious users to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter.
Web Wiz Newspad 1.02
1 EDB exploit
NA
CVE-2008-0480
Multiple directory traversal vulnerabilities in Web Wiz Forums 9.07 and previous versions allow remote malicious users to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter to (1) RTE_file_browser.asp or (2) file_browser.asp.
Web Wiz Web Wiz Forums
1 EDB exploit
NA
CVE-2008-0466
Web Wiz RTE_file_browser.asp in, as used in Web Wiz Rich Text Editor 4.0, Web Wiz Forums 9.07, and Web Wiz Newspad 1.02, does not require authentication, which allows remote malicious users to list directories and read files. NOTE: this can be leveraged for listings outside the c...
Webwiz Web Wiz Forums 9.07
Webwiz Web Wiz Newspad 1.02
Webwiz Web Wiz Rich Text Editor 4.0
2 EDB exploits
NA
CVE-2011-0349
Unspecified vulnerability in Cisco IOS 12.4(24)MD prior to 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote malicious users to cause a denial of service (device hang or reload) via crafted TCP packets, aka Bug ID CSCth17178, a different...
Cisco Ios 12.4\\(24\\)md
Cisco Ios 12.4\\(24\\)md1
NA
CVE-2011-0350
Unspecified vulnerability in Cisco IOS 12.4(24)MD prior to 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote malicious users to cause a denial of service (device hang or reload) via crafted TCP packets, aka Bug ID CSCth41891, a different...
Cisco Ios 12.4\\(24\\)md
Cisco Ios 12.4\\(24\\)md1
NA
CVE-2011-0348
Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD prior to 12.4(24)MD3, 12.4(22)MDA prior to 12.4(22)MDA5, and 12.4(24)MDA prior to 12.4(24)MDA3 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote malicious users to bypass intended access restr...
Cisco Ios 12.4\\(24\\)md
Cisco Ios 12.4\\(24\\)md1
Cisco Ios 12.4\\(24\\)mda
Cisco Ios 12.4\\(22\\)mda
Cisco Ios 12.4\\(15\\)md
Cisco Ios 12.4\\(22\\)md
Cisco Ios 12.4\\(11\\)md
5.5
CVSSv3
CVE-2019-14858
A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub par...
Redhat Ansible Tower
Redhat Ansible Engine
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »