Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2012-2452
Multiple cross-site scripting (XSS) vulnerabilities in pragmaMx 1.x prior to 1.12.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) name parameter to modules.php or (2) img_url to includes/wysiwyg/spaw/editor/plugins/imgpopup/img_popup.php.
Pragmamx Pragmamx
2 EDB exploits
6.1
CVSSv3
CVE-2012-1001
Multiple cross-site scripting (XSS) vulnerabilities in Chyrp prior to 2.1.2 and prior to 2.5 Beta 2 allow remote malicious users to inject arbitrary web script or HTML via the (1) content parameter to includes/ajax.php or (2) body parameter to includes/error.php.
Chyrp Chyrp
Chyrp Chyrp 2.5.2
2 EDB exploits
NA
CVE-2013-4900
Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote malicious users to read arbitrary files via a ..%5c (dot dot encoded backslash) in a GET request.
Twilightcms Twilight Cms 5.17
2 EDB exploits
NA
CVE-2010-4399
Directory traversal vulnerability in languages.inc.php in DynPG CMS 4.1.1 and 4.2.0, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the CHG_DYNPG_SET_LANGUAGE parameter to index.php. NOTE: some of these details are o...
Dynpg Dynpg 4.2.0
Dynpg Dynpg 4.1.1
1 EDB exploit
NA
CVE-2013-3082
Cross-site scripting (XSS) vulnerability in plugins/jojo_core/forgot_password.php in Jojo prior to 1.2.2 allows remote malicious users to inject arbitrary web script or HTML via the search parameter to forgot-password/.
Jojocms Jojo-cms
Jojocms Jojo-cms 1.1
Jojocms Jojo-cms 1.2
1 EDB exploit
NA
CVE-2014-2996
XCloner Standalone 3.5 and previous versions, when enable_db_backup and sql_mem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackup_comp parameter in a generate action to index2.php. NOTE: it is not clear ...
Xcloner Xcloner
1 EDB exploit
6.1
CVSSv3
CVE-2011-4336
Tiki Wiki CMS Groupware 7.0 has XSS via the GET "ajax" parameter to snarf_ajax.php.
Tiki Tikiwiki Cms\\/groupware
1 EDB exploit
NA
CVE-2011-4814
Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) admin/boxes.php, (3) comm/clients.php, (4) commande/index.php; and the optionc...
Dolibarr Dolibarr Erp\\/crm 2.9.0
Dolibarr Dolibarr Erp\\/crm 2.8.1
Dolibarr Dolibarr Erp\\/crm
Dolibarr Dolibarr Erp\\/crm 2.6.0
Dolibarr Dolibarr Erp\\/crm 3.0.0
Dolibarr Dolibarr Erp\\/crm 2.7.1
Dolibarr Dolibarr Erp\\/crm 2.6.1
Dolibarr Dolibarr Erp\\/crm 2.5.0
Dolibarr Dolibarr Erp\\/crm 2.7.0
Dolibarr Dolibarr Erp\\/crm 2.8.0
Dolibarr Dolibarr Erp\\/crm 3.0.1
1 EDB exploit
NA
CVE-2011-5072
Multiple SQL injection vulnerabilities in Support Incident Tracker (aka SiT!) prior to 3.65 allow remote malicious users to execute arbitrary SQL commands via the (1) start parameter to portal/kb.php; (2) contractid parameter to contract_add_service.php; (3) id parameter to edit_...
Sitracker Support Incident Tracker 3.50
Sitracker Support Incident Tracker 3.45
Sitracker Support Incident Tracker 3.41
Sitracker Support Incident Tracker 3.40
Sitracker Support Incident Tracker 3.63
Sitracker Support Incident Tracker 3.62
Sitracker Support Incident Tracker 3.30
Sitracker Support Incident Tracker 3.24
Sitracker Support Incident Tracker 3.60
Sitracker Support Incident Tracker 3.51
Sitracker Support Incident Tracker 3.36
Sitracker Support Incident Tracker 3.33
Sitracker Support Incident Tracker 3.31
Sitracker Support Incident Tracker 3.23
Sitracker Support Incident Tracker 3.22
Sitracker Support Incident Tracker 3.35
Sitracker Support Incident Tracker 3.61
Sitracker Support Incident Tracker 3.6
Sitracker Support Incident Tracker 3.32
Sitracker Support Incident Tracker 3.22pl1
Sitracker Support Incident Tracker 3.21
Sitracker Support Incident Tracker
1 EDB exploit
NA
CVE-2012-5452
Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS 2.2.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) multi_title parameter to blocks/add/; (2) cost, (3) days, or (4) title[en] parameter to plans/add/; (5) name or (6) title[en] p...
Intelliants Subrion Cms 2.2.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »