Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-0992
interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the file parameter.
Openemr Openemr 4.1.0
1 EDB exploit
NA
CVE-2012-1506
SQL injection vulnerability in the updateStatus function in lib/models/benefits/Hsp.php in OrangeHRM prior to 2.7 allows remote authenticated users to execute arbitrary SQL commands via the hspSummaryId parameter to plugins/ajaxCalls/haltResumeHsp.php. NOTE: some of these details...
Orangehrm Orangehrm 2.6.11.2
Orangehrm Orangehrm 2.6.11.3
Orangehrm Orangehrm 2.6.6
Orangehrm Orangehrm 2.6.10
Orangehrm Orangehrm 2.6.11
Orangehrm Orangehrm 2.6.4
Orangehrm Orangehrm 2.6.5
Orangehrm Orangehrm 2.6.0.1
Orangehrm Orangehrm 2.6.1
Orangehrm Orangehrm 2.6.2
Orangehrm Orangehrm 2.6.3
Orangehrm Orangehrm 2.6.9
Orangehrm Orangehrm 2.6.7
Orangehrm Orangehrm 2.6
Orangehrm Orangehrm 2.6.0
Orangehrm Orangehrm 2.6.12
Orangehrm Orangehrm
Orangehrm Orangehrm 2.6.8
Orangehrm Orangehrm 2.6.8.1
1 EDB exploit
NA
CVE-2013-3081
SQL injection vulnerability in the checkEmailFormat function in plugins/jojo_core/classes/Jojo.php in Jojo prior to 1.2.2 allows remote malicious users to execute arbitrary SQL commands via the X-Forwarded-For HTTP header to /articles/test/.
Jojocms Jojo-cms
Jojocms Jojo-cms 1.2
Jojocms Jojo-cms 1.1
1 EDB exploit
NA
CVE-2013-3082
Cross-site scripting (XSS) vulnerability in plugins/jojo_core/forgot_password.php in Jojo prior to 1.2.2 allows remote malicious users to inject arbitrary web script or HTML via the search parameter to forgot-password/.
Jojocms Jojo-cms
Jojocms Jojo-cms 1.1
Jojocms Jojo-cms 1.2
1 EDB exploit
NA
CVE-2010-4609
SQL injection vulnerability in index.php in Html-edit CMS 3.1.8 allows remote malicious users to execute arbitrary SQL commands via the nuser parameter in a registrate action.
Html-edit Html-edit Cms 3.1.8
1 EDB exploit
NA
CVE-2010-4610
Cross-site scripting (XSS) vulnerability in index.php in Html-edit CMS 3.1.8 allows remote malicious users to inject arbitrary web script or HTML via the error parameter.
Html-edit Html-edit Cms 3.1.8
1 EDB exploit
NA
CVE-2010-4611
Html-edit CMS 3.1.8 allows remote malicious users to obtain sensitive information via a direct request to (1) pages.php and (2) menu.php in includes/core_files and (3) extensions/login/frontend/pages/antihacker.php, which reveals the installation path in an error message.
Html-edit Html-edit Cms 3.1.8
1 EDB exploit
NA
CVE-2010-4612
Multiple SQL injection vulnerabilities in index.php in Hycus CMS 1.0.3, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) user_name and (2) usr_email parameters to user/1/hregister.html, (3) usr_email parameter to user/1...
Hycus Hycus Cms 1.0.3
1 EDB exploit
NA
CVE-2011-1047
Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka ForumPress) plugin 1.6.1 and 1.6.5 for WordPress allow remote malicious users to execute arbitrary SQL commands via the (1) search_max parameter in a search action to index.php, which is not properly handled by ...
Vasthtml Forum Server 1.6.5
Vasthtml Forum Server 1.6.1
1 EDB exploit
NA
CVE-2011-5318
Multiple cross-site request forgery (CSRF) vulnerabilities in diafan.CMS prior to 5.1 allow remote malicious users to hijack the authentication of administrators for requests that (1) modify articles via a save_post action to admin/news/saveNEWS_ID/, (2) modify settings via a sav...
Diafan Diafan.cms
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »