Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
validation vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0948
Scripts For Educators MakeBook 2.2 CGI program allows remote malicious users to execute script as other visitors, or execute server-side includes (SSI) as the web server, via the (1) Name or (2) Email parameters, which are not properly filtered.
Scripts For Educators Makebook 2.2
1 EDB exploit
NA
CVE-2007-3909
Multiple SQL injection vulnerabilities in Bandersnatch 0.4 allow remote malicious users to execute arbitrary SQL commands via the (1) date and (2) limit parameters to index.php, and other unspecified vectors.
Bandersnatch Bandersnatch 0.4
1 EDB exploit
5.7
CVSSv3
CVE-2018-3815
The "XML Interface to Messaging, Scheduling, and Signaling" (XIMSS) protocol implementation in CommuniGate Pro (CGP) 6.2 suffers from a Missing XIMSS Protocol Validation attack that leads to an email spoofing attack, allowing a malicious authenticated malicious user to ...
Stalker Communigate Pro 6.2
NA
CVE-2005-4622
Directory traversal vulnerability in eFileGo 3.01 allows remote malicious users to execute arbitrary code, read arbitrary files, and upload arbitrary files via a ... (triple dot) in (1) the URL on port 608 and (2) the argument to upload.exe.
Efilego Efilego 3.0.1
1 EDB exploit
7.8
CVSSv3
CVE-2023-22955
An issue exists on AudioCodes VoIP desk phones up to and including 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher ...
Audiocodes C470hd Firmware
Audiocodes C455hd Firmware
Audiocodes C435hd Firmware
Audiocodes 445hd Firmware
Audiocodes 405hd Firmware
Audiocodes C450hd Firmware
NA
CVE-2006-0240
Multiple SQL injection vulnerabilities in Simple Blog 2.1 allow remote malicious users to execute arbitrary SQL commands via the month parameter in an archives view operation and possibly certain other parameters in unspecified scripts.
8pixel.net Simple Blog
1 EDB exploit
NA
CVE-2002-1673
The web interface for Webmin 0.92 does not properly quote or filter script code in files that are displayed to the interface, which allows local users to execute script and possibly steal cookies by inserting the script into certain files or fields, such as a real user name entry...
Webmin Webmin 0.1
Webmin Webmin 0.41
Webmin Webmin 0.42
Webmin Webmin 0.78
Webmin Webmin 0.79
Webmin Webmin 0.80
Webmin Webmin 0.92.1
Webmin Webmin 0.22
Webmin Webmin 0.3
Webmin Webmin 0.6
Webmin Webmin 0.7
Webmin Webmin 0.85
Webmin Webmin 0.88
Webmin Webmin 0.31
Webmin Webmin 0.4
Webmin Webmin 0.76
Webmin Webmin 0.77
Webmin Webmin 0.91
Webmin Webmin 0.92
Webmin Webmin 0.2
Webmin Webmin 0.21
Webmin Webmin 0.5
1 EDB exploit
NA
CVE-2006-0479
pmwiki.php in PmWiki 2.1 beta 20, with register_globals enabled, allows remote malicious users to bypass protection mechanisms that deregister global variables by setting both a GPC variable and a GLOBALS[] variable with the same name, which causes PmWiki to unset the GLOBALS[] v...
Pmwiki Pmwiki 2.1 Beta 20
1 EDB exploit
NA
CVE-2006-5943
Multiple SQL injection vulnerabilities in inventory/display/imager.asp in Website Designs for Less Inventory Manager allow remote malicious users to execute arbitrary SQL commands via the (1) pictable, (2) picfield, or (3) where parameter.
Website Designs For Less Inventory Manager
1 EDB exploit
NA
CVE-2006-2699
Cross-site scripting (XSS) vulnerability in getimage.php in Geeklog 1.4.0sr2 and previous versions allows remote malicious users to inject arbitrary HTML or web script via the image argument in a show action.
Geeklog Geeklog 1.3.10 Rc3
Geeklog Geeklog 1.3.11
Geeklog Geeklog 1.3.5 Sr1
Geeklog Geeklog 1.3.6
Geeklog Geeklog 1.3.8
Geeklog Geeklog 1.3.8 1
Geeklog Geeklog 1.3.8 1 Sr1
Geeklog Geeklog 1.3.9 Rc1
Geeklog Geeklog 1.3.9 Rc2
Geeklog Geeklog 1.4.0
Geeklog Geeklog 1.4.0 Beta1
Geeklog Geeklog 1.3.10 Rc1
Geeklog Geeklog 1.3.10 Rc2
Geeklog Geeklog 1.3.11 Sr4
Geeklog Geeklog 1.3.5
Geeklog Geeklog 1.3.7 Sr4
Geeklog Geeklog 1.3.7 Sr5
Geeklog Geeklog 1.3.8 1 Sr6
Geeklog Geeklog 1.3.9
Geeklog Geeklog 1.3.9 Sr4
Geeklog Geeklog 1.35
Geeklog Geeklog 1.3.11 Rc1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »