Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
validation vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-0846
Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote malicious users to execute arbitrary code via a malicious file containing certain parameters that are not properly validated.
Microsoft Excel X
Microsoft Office 2000
Microsoft Excel 2001
Microsoft Excel 2002
Microsoft Office 2001
Microsoft Office V.x
Microsoft Excel 2000
8.1
CVSSv3
CVE-2018-17215
An information-disclosure issue exists in Postman up to and including 6.3.0. It validates a server's X.509 certificate and presents an error if the certificate is not valid. Unfortunately, the associated HTTPS request data is sent anyway. Only the response is not displayed. ...
Postman Postman
NA
CVE-2005-0494
The RgSecurity form in the HTTP server for the Thomson TCW690 cable modem running firmware 2.1 and software ST42.03.0a does not properly validate the password before performing changes, which allows remote attackers on the LAN to gain access via a direct POST request.
Thomson Thomson Cable Modem Tcw690
1 EDB exploit
NA
CVE-2007-3354
Multiple SQL injection vulnerabilities in NetClassifieds Premium Edition allow remote malicious users to execute arbitrary SQL commands via the s_user_id parameter to ViewCat.php and other unspecified vectors. NOTE: the CatID/ViewCat.php, CatID/gallery.php, and ItemNum/ViewItem.p...
Scriptdevelopers.net Netclassifieds 1.9.6.3
Scriptdevelopers.net Netclassifieds 1.0.1
Scriptdevelopers.net Netclassifieds 1.5.1
1 EDB exploit
NA
CVE-2005-4205
Cross-site scripting (XSS) vulnerability in searchdb.asp in LocazoList 1.03c and previous versions allows remote malicious users to inject arbitrary web script or HTML via the q parameter.
Locazo Locazolist Classifieds
1 EDB exploit
NA
CVE-2010-0614
SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remote malicious users to execute arbitrary SQL commands via the query parameter in the (1) question action, and possibly the (2) sub_par or (3) num_quest actions.
Myshell Evalsmsi 2.1.03
1 EDB exploit
NA
CVE-2006-1916
Multiple cross-site scripting (XSS) vulnerabilities in profile.php in DbbS 2.0-alpha and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) ulocation or (2) uhobbies parameters.
Dbbs Dbbs 2.0
Dbbs Dbbs
1 EDB exploit
NA
CVE-2006-2067
SQL injection vulnerability in vb_board_functions.php in MKPortal 1.1, as used with vBulletin 3.5.4 and previous versions, allows remote malicious users to execute arbitrary SQL commands via the userid parameter.
Mkportal Mkportal 1.1
1 EDB exploit
NA
CVE-2006-5943
Multiple SQL injection vulnerabilities in inventory/display/imager.asp in Website Designs for Less Inventory Manager allow remote malicious users to execute arbitrary SQL commands via the (1) pictable, (2) picfield, or (3) where parameter.
Website Designs For Less Inventory Manager
1 EDB exploit
9.8
CVSSv3
CVE-2018-19971
JFrog Artifactory Pro 6.5.9 has Incorrect Access Control.
Jfrog Artifactory 6.5.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »