Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
validation vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-0005
The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote malicious users to spoof the computer name of a secure channel's endpoint, and obtain sen...
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows 2003 Server
Microsoft Windows Server 2008
7.5
CVSSv2
CVE-2005-4378
SQL injection vulnerability in Page.asp in Baseline CMS 1.95 and previous versions allows remote malicious users to execute arbitrary SQL commands via the SiteNodeID parameter.
Nma Baseline Cms
1 EDB exploit
4.3
CVSSv2
CVE-2004-2725
Multiple cross-site scripting (XSS) vulnerabilities in Aztek Forum 4.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the search parameter in (a) search.php, (2) the email parameter in (b) subscribe.php, and (3) the return and (4) title parameters in ...
Aztek Forum Aztek Forum 4.0
1 EDB exploit
NA
CVE-2015-00053
Core Security Technologies Advisory - The Microsoft Netlogon Remote Protocol is a remote procedure call (RPC) interface that is used, among other things, for user and machine authentication on domain-based networks. In a scenario where a client machine connects to a domain-joined...
4.3
CVSSv2
CVE-2005-2161
Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows remote malicious users to inject arbitrary web script or HTML via nested [url] tags.
Phpbb Group Phpbb 2.0.16
6.8
CVSSv2
CVE-2009-1561
Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote malicious users to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPassw...
Cisco Wrt54gc 1.05.7
1 EDB exploit
5.8
CVSSv2
CVE-2018-0434
A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote malicious user to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation...
Cisco Vedge 100 Firmware
Cisco Vedge 1000 Firmware
Cisco Vedge 2000 Firmware
Cisco Vedge 5000 Firmware
Cisco Vmanage Network Management System -
3.5
CVSSv2
CVE-2011-1401
ikiwiki prior to 3.20110328 does not ascertain whether the htmlscrubber plugin is enabled during processing of the "meta stylesheet" directive, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS)...
Ikiwiki Ikiwiki 2.19
Ikiwiki Ikiwiki 2.18
Ikiwiki Ikiwiki 3.1415
Ikiwiki Ikiwiki 3.10
Ikiwiki Ikiwiki 3.11
Ikiwiki Ikiwiki 3.12
Ikiwiki Ikiwiki 2.60
Ikiwiki Ikiwiki 2.64
Ikiwiki Ikiwiki 2.65
Ikiwiki Ikiwiki 2.62.1
Ikiwiki Ikiwiki 3.02
Ikiwiki Ikiwiki 3.01
Ikiwiki Ikiwiki 3.09
Ikiwiki Ikiwiki 3.08
Ikiwiki Ikiwiki 2.31.3
Ikiwiki Ikiwiki 2.43
Ikiwiki Ikiwiki 2.42
Ikiwiki Ikiwiki 2.44
Ikiwiki Ikiwiki 2.48
Ikiwiki Ikiwiki 2.49
Ikiwiki Ikiwiki 2.54
Ikiwiki Ikiwiki 2.55
5.8
CVSSv2
CVE-2005-4363
Cross-site scripting (XSS) vulnerability in the search engine in Komodo CMS 2.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified search parameters.
Komodo Komodo Cms 2.1
1 EDB exploit
6.4
CVSSv2
CVE-2009-0234
The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote malicious users to predict transaction IDs and poison caches...
Microsoft Windows Server 2003
Microsoft Windows 2000
Microsoft Windows Server 2008
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »