Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-2437
Cross-site scripting (XSS) vulnerability in class/tools.class.php in AneCMS Blog 1.3 and possibly earlier allows remote malicious users to inject arbitrary web script or HTML via the comment variable to modules/blog/index.php.
Anecms Anecms Blog 1.0
Anecms Anecms Blog
1 EDB exploit
NA
CVE-2010-2463
Cross-site scripting (XSS) vulnerability in forum.php in Jamroom prior to 4.1.9 allows remote malicious users to inject arbitrary web script or HTML via the post_id parameter in a modify action.
Jamroom Jamroom 1.0
Jamroom Jamroom 3.4.0
Jamroom Jamroom 2.66
Jamroom Jamroom 2.65
Jamroom Jamroom 2.67
Jamroom Jamroom 3.0
Jamroom Jamroom 3.3.4
Jamroom Jamroom 3.3.3
Jamroom Jamroom 3.0.5
Jamroom Jamroom 3.0.12
Jamroom Jamroom 3.0.11
Jamroom Jamroom 3.0.10
Jamroom Jamroom 3.0.22
Jamroom Jamroom 3.0.23
Jamroom Jamroom 3.0.24
Jamroom Jamroom 3.0.25
Jamroom Jamroom 4.1.5
Jamroom Jamroom 4.1.4
Jamroom Jamroom 4.1.3
Jamroom Jamroom 4.1.2
Jamroom Jamroom 4.0.4
Jamroom Jamroom 4.0.3
1 EDB exploit
NA
CVE-2013-3081
SQL injection vulnerability in the checkEmailFormat function in plugins/jojo_core/classes/Jojo.php in Jojo prior to 1.2.2 allows remote malicious users to execute arbitrary SQL commands via the X-Forwarded-For HTTP header to /articles/test/.
Jojocms Jojo-cms
Jojocms Jojo-cms 1.2
Jojocms Jojo-cms 1.1
1 EDB exploit
NA
CVE-2013-3082
Cross-site scripting (XSS) vulnerability in plugins/jojo_core/forgot_password.php in Jojo prior to 1.2.2 allows remote malicious users to inject arbitrary web script or HTML via the search parameter to forgot-password/.
Jojocms Jojo-cms
Jojocms Jojo-cms 1.1
Jojocms Jojo-cms 1.2
1 EDB exploit
NA
CVE-2010-3024
Multiple cross-site request forgery (CSRF) vulnerabilities in user/main/update_user in DiamondList 0.1.6, and possibly earlier, allow remote malicious users to hijack the authentication of administrators for requests that (1) change the administrative password or (2) change the s...
Hulihanapplications Diamondlist 0.1.6
1 EDB exploit
NA
CVE-2014-2317
SQL injection vulnerability in ajax_udf.php in OpenDocMan prior to 1.2.7.2 allows remote malicious users to execute arbitrary SQL commands via the table parameter. NOTE: some of these details are obtained from third party information.
Opendocman Opendocman 1.2.6.2
Opendocman Opendocman 1.2.7
Opendocman Opendocman 1.2.6.3
Opendocman Opendocman 1.2.6.7
Opendocman Opendocman 1.2.6.6
Opendocman Opendocman 1.2.6.5
Opendocman Opendocman
Opendocman Opendocman 1.2.6.8
1 EDB exploit
NA
CVE-2013-7376
Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.10, possibly before revision 82710, allow remote malicious users to hijack the authentication of administrators, as demonstrated by requests that conduct directory traversal attacks via the group parameter to...
Openx Openx 2.8.10
1 EDB exploit
NA
CVE-2012-5452
Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS 2.2.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) multi_title parameter to blocks/add/; (2) cost, (3) days, or (4) title[en] parameter to plans/add/; (5) name or (6) title[en] p...
Intelliants Subrion Cms 2.2.1
1 EDB exploit
NA
CVE-2012-5453
SQL injection vulnerability in user/index_inline_editor_submit.php in ATutor AContent 1.2-1 allows remote authenticated users to execute arbitrary SQL commands via the field parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-5167.
Atutor Acontent 1.2
1 EDB exploit
NA
CVE-2011-0504
Multiple cross-site scripting (XSS) vulnerabilities in VaM Shop 1.6, 1.6.1, and probably earlier versions llow remote malicious users to inject arbitrary web script or HTML via the (1) status parameter to admin/orders.php, (2) search parameter to admin/customers.php, or (3) STORE...
Vamshop Vam Shop 1.6.1
Vamshop Vam Shop 1.6
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »