Vulmon
Recent Vulnerabilities
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2014-4170
A Privilege Escalation Vulnerability exists in Free Reprintables ArticleFR 11.06.2014 due to insufficient access restrictions in the data.php script, which could let a remote malicious user obtain access or modify or delete database information....
Freereprintables
Articlefr
1 EDB exploit available
7.5
CVSSv2
CVE-2013-6788
The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIX_SM_SALE_UID cookie, which makes it easier for remote attackers to guess the cookie value and bypass authentication via a brute force attack....
Bitrix
Bitrix E-store Module
4.3
CVSSv2
CVE-2015-3421
The eshop_checkout function in checkout.php in the Wordpress Eshop plugin 6.3.11 and earlier does not validate variables in the "eshopcart" HTTP cookie, which allows remote attackers to perform cross-site scripting (XSS) attacks, or a path disclosure attack via crafted...
Eshop Project
Eshop
7.5
CVSSv2
CVE-2012-2227
Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter....
Pluxml
1 EDB exploit available
7.5
CVSSv2
CVE-2011-5313
Multiple SQL injection vulnerabilities in includes/password.php in Redaxscript 0.3.2 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) password parameter to the password_reset program....
Redaxscript
1 EDB exploit available
7.5
CVSSv2
CVE-2011-1047
Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka ForumPress) plugin 1.6.1 and 1.6.5 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) search_max parameter in a search action to index.php, which is not properly handled by...
Vasthtml
Forum Server
1 EDB exploit available
4.3
CVSSv2
CVE-2012-2452
Multiple cross-site scripting (XSS) vulnerabilities in pragmaMx 1.x before 1.12.2 allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to modules.php or (2) img_url to includes/wysiwyg/spaw/editor/plugins/imgpopup/img_popup.php....
Pragmamx
2 EDB exploits available
4.3
CVSSv2
CVE-2013-1420
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to backup-edit.php; (2) title or (3) menu parameter to edit.php; or (4) path or (5) returnid parameter to...
Get-simple
Getsimple Cms
NA
CVE-2013-2649
Hero Framework CVE-2013-2649 Multiple Cross-Site Scripting Vulnerabilities...
2 EDB exploits available
4.3
CVSSv2
CVE-2012-2209
Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Piwigo before 2.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) section parameter in the configuration module, (2) installstatus parameter in the languages_new module, or (3) theme...
Piwigo
1 EDB exploit available
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-6809
firefox
CVE-2020-0796
firewall
CVE-2020-8816
frozennode
CVE-2015-7333
mozilla
CVE-2020-8910
photoshop 2020
CVE-2020-6806
mass assignment
CSRF
1
2
3
4
5
NEXT »
Vulmon