Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
validation vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2020-11897
The Treck TCP/IP stack prior to 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets.
Treck Tcp\\/ip
1 Github repository
1 Article
570
VMScore
CVE-2020-11898
The Treck TCP/IP stack prior to 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote malicious users to trigger an information leak.
Treck Tcp\\/ip
1 Github repository
1 Article
427
VMScore
CVE-2020-11899
The Treck TCP/IP stack prior to 6.0.1.66 has an IPv6 Out-of-bounds Read.
Treck Tcp\\/ip
1 Github repository
505
VMScore
CVE-2005-1398
phpcart.php in PHPCart 3.2 allows remote malicious users to change product price information by modifying the (1) price or (2) postage parameters. NOTE: it was later reported that 3.4 up to and including 4.6.4 are also affected.
Phpcart Phpcart 3.2
Phpcart Phpcart 3.4
Phpcart Phpcart 4.6.4
1 EDB exploit
1000
VMScore
CVE-2005-0735
newsscript.pl for NewsScript allows remote malicious users to gain privileges by setting the mode parameter to admin.
Newsscript.co.uk Newsscript
1 EDB exploit
435
VMScore
CVE-2004-2699
deleteicon.aspx in AspDotNetStorefront 3.3 allows remote malicious users to delete arbitrary product images via a modified ProductID parameter.
Aspdotnetstorefront Aspdotnetstorefront 3.3
1 EDB exploit
685
VMScore
CVE-2006-6919
Firefox Sage extension 1.3.8 and previous versions allows remote malicious users to execute arbitrary Javascript in the local context via an RSS feed with an img tag containing the script followed by an extra trailing ">", which Sage modifies to close the img element...
Sage-mozdev Sage
1 EDB exploit
383
VMScore
CVE-2018-17215
An information-disclosure issue exists in Postman up to and including 6.3.0. It validates a server's X.509 certificate and presents an error if the certificate is not valid. Unfortunately, the associated HTTPS request data is sent anyway. Only the response is not displayed. ...
Postman Postman
534
VMScore
CVE-2012-2981
Webmin 1.590 and previous versions allows remote authenticated users to execute arbitrary Perl code via a crafted file associated with the type (aka monitor type name) parameter.
Gentoo Webmin 1.570
Gentoo Webmin 1.550
Gentoo Webmin 1.450
Gentoo Webmin 1.440
Gentoo Webmin 1.370
Gentoo Webmin 1.340
Gentoo Webmin 1.270
Gentoo Webmin 1.560
Gentoo Webmin 1.530
Gentoo Webmin 1.430
Gentoo Webmin 1.420
Gentoo Webmin 1.330
Gentoo Webmin 1.320
Gentoo Webmin 1.240
Gentoo Webmin 1.230
Gentoo Webmin 1.140
Gentoo Webmin 1.520
Gentoo Webmin 1.510
Gentoo Webmin 1.410
Gentoo Webmin 1.400
Gentoo Webmin 1.310
Gentoo Webmin 1.300
755
VMScore
CVE-2006-3329
SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote malicious users to execute arbitrary SQL commands via the rate parameter.
Deltascripts Php Classifieds 6.04
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »