Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
validation vulnerabilities and exploits
(subscribe to this query)
3.3
CVSSv2
CVE-2020-11905
The Treck TCP/IP stack prior to 6.0.1.66 has a DHCPv6 Out-of-bounds Read.
Treck Tcp\\/ip
5.8
CVSSv2
CVE-2020-11906
The Treck TCP/IP stack prior to 6.0.1.66 has an Ethernet Link Layer Integer Underflow.
Treck Tcp\\/ip
5.8
CVSSv2
CVE-2020-11907
The Treck TCP/IP stack prior to 6.0.1.66 improperly handles a Length Parameter Inconsistency in TCP.
Treck Tcp\\/ip
5
CVSSv2
CVE-2005-1398
phpcart.php in PHPCart 3.2 allows remote malicious users to change product price information by modifying the (1) price or (2) postage parameters. NOTE: it was later reported that 3.4 up to and including 4.6.4 are also affected.
Phpcart Phpcart 3.2
Phpcart Phpcart 3.4
Phpcart Phpcart 4.6.4
1 EDB exploit
10
CVSSv2
CVE-2005-0735
newsscript.pl for NewsScript allows remote malicious users to gain privileges by setting the mode parameter to admin.
Newsscript.co.uk Newsscript
1 EDB exploit
6.8
CVSSv2
CVE-2006-6919
Firefox Sage extension 1.3.8 and previous versions allows remote malicious users to execute arbitrary Javascript in the local context via an RSS feed with an img tag containing the script followed by an extra trailing ">", which Sage modifies to close the img element...
Sage-mozdev Sage
1 EDB exploit
4.3
CVSSv2
CVE-2004-2699
deleteicon.aspx in AspDotNetStorefront 3.3 allows remote malicious users to delete arbitrary product images via a modified ProductID parameter.
Aspdotnetstorefront Aspdotnetstorefront 3.3
1 EDB exploit
4.3
CVSSv2
CVE-2018-17215
An information-disclosure issue exists in Postman up to and including 6.3.0. It validates a server's X.509 certificate and presents an error if the certificate is not valid. Unfortunately, the associated HTTPS request data is sent anyway. Only the response is not displayed. ...
Postman Postman
7.5
CVSSv2
CVE-2005-0494
The RgSecurity form in the HTTP server for the Thomson TCW690 cable modem running firmware 2.1 and software ST42.03.0a does not properly validate the password before performing changes, which allows remote attackers on the LAN to gain access via a direct POST request.
Thomson Thomson Cable Modem Tcw690
1 EDB exploit
7.5
CVSSv2
CVE-2006-3329
SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote malicious users to execute arbitrary SQL commands via the rate parameter.
Deltascripts Php Classifieds 6.04
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »