Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerability-lab vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2012-4992
Multiple buffer overflows in FlashFXP.exe in FlashFXP 4.2 allow remote authenticated users to execute arbitrary code via a long unicode string to (1) TListbox or (2) TComboBox.
Flashfxp Flashfxp 4.2
1 EDB exploit
7.8
CVSSv2
CVE-2016-0956
The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote malicious users to obtain sensitive information via unspecified vectors.
Apache Sling
Adobe Experience Manager 5.6.1
Adobe Experience Manager 6.0.0
Adobe Experience Manager 6.1.0
1 EDB exploit
3 Github repositories
7.5
CVSSv2
CVE-2012-6509
Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 allows remote malicious users to execute arbitrary PHP code by uploading a file a double extension, as demonstrated by .php%00.jpg.
Netartmedia Car Portal 3.0
1 EDB exploit
7.5
CVSSv2
CVE-2012-6519
SQL injection vulnerability in modules/poll/index.php in DIY-CMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the start parameter to mod.php.
Diy-cms Diy-cms 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2012-5894
SQL injection vulnerability in hava_post.php in Havalite CMS 1.1.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the postId parameter.
Havalite Cms
1 EDB exploit
7.5
CVSSv2
CVE-2012-5900
Multiple SQL injection vulnerabilities in SAMEDIA LandShop 0.9.2 allow remote malicious users to execute arbitrary SQL commands via the (1) OB_ID parameter in a single action to admin/action/objects.php, (2) AREA_ID parameter in a single action to admin/action/areas.php, or (3) s...
Samedia Landshop 0.9.2
1 EDB exploit
7.5
CVSSv2
CVE-2011-5229
SQL injection vulnerability in quickstart/profile/index.php in the Forum module in appRain CMF 0.1.5 allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO.
Apprain Apprain 0.1.5
1 EDB exploit
7.5
CVSSv2
CVE-2012-4265
SQL injection vulnerability in category_edit.php in Proman Xpress 5.0.1 allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Itechscripts Proman Xpress 5.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2012-4279
Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow remote malicious users to execute arbitrary SQL commands via the (1) view parameter to agentdisplay.php or (2) edit parameter to admin/admin.php.
Rwcinc Free Realty 3.1-0.6
1 EDB exploit
7.5
CVSSv2
CVE-2012-4281
Multiple SQL injection vulnerabilities in Travelon Express 6.2.2 allow remote malicious users to execute arbitrary SQL commands via the hid parameter to (1) holiday.php or (2) holiday_book.php, (3) id parameter to pages.php, (4) fid parameter to admin/airline-edit.php, or (5) cid...
Itechscripts Travelon Express 6.2.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »