Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerability-lab vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-14422
An issue exists in in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel workbooks, which could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. A tsvncmd:command:diff?path:[file1]?pa...
Tortoisesvn Tortoisesvn 1.12.1
1 EDB exploit
7.8
CVSSv3
CVE-2018-5282
Kentico 9.0 up to and including 11.0 has a stack-based buffer overflow via the SqlName, SqlPswd, Database, UserName, or Password field in a SilentInstall XML document. NOTE: the vendor disputes this issue because neither a buffer overflow nor a crash can be reproduced; also, read...
Kentico Kentico Cms
1 EDB exploit
7.5
CVSSv3
CVE-2016-0956
The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote malicious users to obtain sensitive information via unspecified vectors.
Apache Sling
Adobe Experience Manager 6.1.0
Adobe Experience Manager 6.0.0
Adobe Experience Manager 5.6.1
1 EDB exploit
3 Github repositories
6.1
CVSSv3
CVE-2017-15374
Shopware v5.2.5 - v5.3 is vulnerable to cross site scripting in the customer and order section of the content management system backend modules. Remote attackers are able to inject malicious script code into the firstname, lastname, or order input fields to provoke persistent exe...
Shopware Shopware 5.2.22
Shopware Shopware 5.2.21
Shopware Shopware 5.2.13
Shopware Shopware 5.2.12
Shopware Shopware 5.2.5
Shopware Shopware 5.3.0
Shopware Shopware 5.2.27
Shopware Shopware 5.2.20
Shopware Shopware 5.2.19
Shopware Shopware 5.2.18
Shopware Shopware 5.2.11
Shopware Shopware 5.2.10
Shopware Shopware 5.2.26
Shopware Shopware 5.2.25
Shopware Shopware 5.2.17
Shopware Shopware 5.2.16
Shopware Shopware 5.2.9
Shopware Shopware 5.2.8
Shopware Shopware 5.2.24
Shopware Shopware 5.2.23
Shopware Shopware 5.2.15
Shopware Shopware 5.2.14
1 EDB exploit
6.1
CVSSv3
CVE-2016-7851
Adobe Connect version 9.5.6 and previous versions does not adequately validate input in the events registration module. This vulnerability could be exploited in cross-site scripting attacks.
Adobe Connect
1 EDB exploit
5.4
CVSSv3
CVE-2017-13754
Cross-site scripting (XSS) vulnerability in the "advanced settings - time server" module in Wibu-Systems CodeMeter prior to 6.50b allows remote malicious users to inject arbitrary web script or HTML via the "server name" field in actions/ChangeConfiguration.ht...
Wibu Codemeter
1 EDB exploit
NA
CVE-2015-5149
Directory traversal vulnerability in Zoho ManageEngine SupportCenter Plus 7.90 allows remote authenticated users to write to arbitrary files via a .. (dot dot) in the component parameter in the Request component to workorder/Attachment.jsp.
Zohocorp Manageengine Supportcenter Plus 7.90
1 EDB exploit
NA
CVE-2015-5150
Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.90 allow remote authenticated users to inject arbitrary web script or HTML via the (1) query parameter in the run_query_editor_query module to CustomReportHandler.do, (2) compAcct parame...
Zohocorp Manageengine Supportcenter Plus 7.90
1 EDB exploit
NA
CVE-2014-2879
Multiple cross-site scripting (XSS) vulnerabilities in Dell SonicWALL Email Security 7.4.5 and previous versions allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the uploadPatch parameter to the System/Advanced page (settings_advanced.html)...
Sonicwall Email Security Appliance
1 EDB exploit
NA
CVE-2013-7025
Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or...
Sonicwall Global Management System 7.1
Sonicwall Analyzer 7.1
Sonicwall Global Management System 7.0
Sonicwall Analyzer 7.0
Sonicwall Uma E5000 Firmware 7.0
Sonicwall Uma E5000 Firmware 7.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »