Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpath injection vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2006-4748
Multiple SQL injection vulnerabilities in F-ART BLOG:CMS 4.1 allow remote malicious users to execute arbitrary SQL commands via the (1) xagent, (2) xpath, (3) xreferer, and (4) xdns parameters in (a) admin/plugins/NP_Log.php, and the (5) pitem parameter in (b) admin/plugins/NP_Po...
F-art Agency Blog Cms 4.1
605
VMScore
CVE-2021-43822
Jackalope Doctrine-DBAL is an implementation of the PHP Content Repository API (PHPCR) using a relational database to persist data. In affected versions users can provoke SQL injections if they can specify a node name or query. Upgrade to version 1.7.4 to resolve this issue. If t...
Jackalope Doctrine-dbal Project Jackalope Doctrine-dbal
NA
CVE-2022-46751
Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy before 2.5.2. When Apache Ivy before 2.5.2 parses XML files - either its own config...
Apache Ivy
1 Github repository
605
VMScore
CVE-2015-6007
Cross-site request forgery (CSRF) vulnerability in Web Reference Database (aka refbase) up to and including 0.9.6 allows remote malicious users to hijack the authentication of arbitrary users.
Refbase Refbase
755
VMScore
CVE-2015-6008
install.php in Web Reference Database (aka refbase) up to and including 0.9.6 allows remote malicious users to execute arbitrary commands via the adminPassword parameter, a different issue than CVE-2015-7381.
Refbase Refbase
1 EDB exploit
755
VMScore
CVE-2015-6009
Multiple SQL injection vulnerabilities in Web Reference Database (aka refbase) up to and including 0.9.6 allow remote malicious users to execute arbitrary SQL commands via (1) the where parameter to rss.php or (2) the sqlQuery parameter to search.php, a different issue than CVE-2...
Refbase Refbase
1 EDB exploit
445
VMScore
CVE-2015-6011
Web Reference Database (aka refbase) up to and including 0.9.6 and bleeding-edge prior to 2015-01-08 allows remote malicious users to conduct XML injection attacks via (1) the id parameter to unapi.php or (2) the stylesheet parameter to sru.php.
Refbase Refbase
516
VMScore
CVE-2015-6012
Multiple open redirect vulnerabilities in Web Reference Database (aka refbase) up to and including 0.9.6 and bleeding-edge prior to 2015-01-08 allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via the referrer parameter.
Refbase Refbase
383
VMScore
CVE-2015-6010
Multiple cross-site scripting (XSS) vulnerabilities in Web Reference Database (aka refbase) up to and including 0.9.6 and bleeding-edge prior to 2015-01-08 allow remote malicious users to inject arbitrary web script or HTML via the (1) errorNo or (2) errorMsg parameter to error.p...
Refbase Refbase
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3