Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
waraxe vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2012-2226
Invision Power Board prior to 3.3.1 fails to sanitize user-supplied input which could allow remote malicious users to obtain sensitive information or execute arbitrary code by uploading a malicious file.
Invisioncommunity Invision Power Board
1 EDB exploit
7.5
CVSSv3
CVE-2009-2158
account-recover.php in TorrentTrader Classic 1.09 chooses random passwords from an insufficiently large set, which makes it easier for remote malicious users to obtain a password via a brute-force attack.
Torrenttrader Project Torrenttrader 1.09
1 EDB exploit
6.5
CVSSv3
CVE-2013-1891
In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed.
Opencart Opencart
1 EDB exploit
6.1
CVSSv3
CVE-2013-1937
Multiple cross-site scripting (XSS) vulnerabilities in tbl_gis_visualization.php in phpMyAdmin 3.5.x prior to 3.5.8 might allow remote malicious users to inject arbitrary web script or HTML via the (1) visualizationSettings[width] or (2) visualizationSettings[height] parameter. N...
Phpmyadmin Phpmyadmin 3.5.4
Phpmyadmin Phpmyadmin 3.5.2.2
Phpmyadmin Phpmyadmin 3.5.6
Phpmyadmin Phpmyadmin 3.5.5
Phpmyadmin Phpmyadmin 3.5.1.0
Phpmyadmin Phpmyadmin 3.5.7
Phpmyadmin Phpmyadmin 3.5.3.0
Phpmyadmin Phpmyadmin 3.5.2.1
Phpmyadmin Phpmyadmin 3.5.2.0
Phpmyadmin Phpmyadmin 3.5.0.0
Phpmyadmin Phpmyadmin
1 EDB exploit
1 Github repository
NA
CVE-2012-2412
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4531. Reason: This candidate is a duplicate of CVE-2012-4531. Notes: All CVE users should reference CVE-2012-4531 instead of this candidate. All references and descriptions in this candidate have been removed...
NA
CVE-2012-2413
Cross-site scripting (XSS) vulnerability in the ja_purity template for Joomla! 1.5.26 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the Mod* cookie parameter to html/modules.php.
Joomla Joomla! 1.5.24
Joomla Joomla! 1.5.11
Joomla Joomla! 1.5.25
Joomla Joomla! 1.5.13
Joomla Joomla! 1.5.3
Joomla Joomla! 1.5.2
Joomla Joomla! 1.5.22
Joomla Joomla! 1.5.9
Joomla Joomla! 1.5.18
Joomla Joomla! 1.5.16
Joomla Joomla! 1.5.4
Joomla Joomla! 1.5.10
Joomla Joomla! 1.5.7
Joomla Joomla! 1.5.0
Joomla Joomla! 1.5.15
Joomla Joomla! 1.5.6
Joomla Joomla! 1.5.1
Joomla Joomla! 1.5.23
Joomla Joomla! 1.5.17
Joomla Joomla! 1.5.8
Joomla Joomla! 1.5.19
Joomla Joomla! 1.5.21
NA
CVE-2013-7375
SQL injection vulnerability in includes/classes/Authenticate.class.php in PHP-Fusion 7.02.01 up to and including 7.02.05 allows remote malicious users to execute arbitrary SQL commands via the user ID in a user cookie, a different vulnerability than CVE-2013-1803.
Php-fusion Php-fusion 7.02.03
Php-fusion Php-fusion 7.02.05
Php-fusion Php-fusion 7.02.01
Php-fusion Php-fusion 7.02.02
Php-fusion Php-fusion 7.02.04
1 EDB exploit
NA
CVE-2013-1803
Multiple SQL injection vulnerabilities in PHP-Fusion prior to 7.02.06 allow remote malicious users to execute arbitrary SQL commands via the (1) orderby parameter to downloads.php; or remote authenticated users with certain permissions to execute arbitrary SQL commands via a (2) ...
Php-fusion Php-fusion
Php-fusion Php-fusion 7.02.03
Php-fusion Php-fusion 7.02.01
Php-fusion Php-fusion 7.02.02
Php-fusion Php-fusion 7.02.04
1 EDB exploit
NA
CVE-2013-1805
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1806. Reason: This issue was MERGED into CVE-2013-1806 in accordance with CVE content decisions, because it is the same type of vulnerability and affects the same versions. Notes: All CVE users should referen...
1 EDB exploit
NA
CVE-2013-1806
Multiple directory traversal vulnerabilities in PHP-Fusion prior to 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) user_theme parameter to maincore.php; or remote authenticated administrators to delete arbitrary files...
Php-fusion Php-fusion
Php-fusion Php-fusion 7.02.03
Php-fusion Php-fusion 7.02.01
Php-fusion Php-fusion 7.02.02
Php-fusion Php-fusion 7.02.04
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »