Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-1198
base_ag_main.php in Basic Analysis and Security Engine (BASE) 1.4.5 allows remote malicious users to execute arbitrary code by uploading contents of the file with an executable extension via a create action, then accessing it via a view action.
Secureideas Basic Analysis And Security Engine 1.4.5
1 EDB exploit
NA
CVE-2006-1114
Multiple directory traversal vulnerabilities in Loudblog prior to 0.42 allow remote malicious users to read or include arbitrary files via a .. (dot dot) and trailing %00 (NULL) byte in the (1) template and (2) page parameters in (a) index.php, and the (3) language parameter in (...
Gerrit Van Aaken Loudblog 0.41
2 EDB exploits
4.9
CVSSv3
CVE-2021-40858
Auerswald COMpact 5500R devices prior to 8.2B allow Arbitrary File Disclosure. A sub-admin can read the cleartext Admin password via the fileName=../../etc/passwd substring.
Auerswald Compact 5500r Ip Firmware
Auerswald Compact 5200r Ip Firmware
Auerswald Compact 5000r Ip Firmware
Auerswald Compact 4000 Ip Firmware
Auerswald Commander 6000r Ip Firmware
Auerswald Commander 6000rx Ip Firmware
Auerswald Commander Business\\(19\\\"\\) Ip Firmware
Auerswald Commander Basic.2\\(19\\\"\\) Ip Firmware
Auerswald Compact 5010 Voip Ip Firmware
Auerswald Compact 5020 Voip Ip Firmware
NA
CVE-2012-0209
Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by FTP between November 2011 and February 2012, contains an externally introduced modification (Trojan Horse) in templates/javascript/open_calendar.js, which allows remote malicious u...
Horde Groupware 1.2.10
Horde Horde 3.3.12
1 EDB exploit
NA
CVE-1999-0467
The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote malicious user to read arbitrary files using the "template" parameter.
Webcom Cgi Guestbook
2 EDB exploits
NA
CVE-2008-6937
Argument injection vulnerability in Exodus 0.10 allows remote malicious users to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in an xmpp:// URI, a different vector than CVE-2008-6935 and CVE-2008-6936. NOTE: ...
Jabber Exodus 0.10
2 EDB exploits
NA
CVE-2012-4253
Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote malicious users to read arbitrary files via a .. (dot dot) in the (1) language parameter to learn/cubemail/install.php or (2) f parameter learn/cubemail/filemanagement.php, or execute arbitrary local ...
Mysqldumper Mysqldumper 1.24.4
2 EDB exploits
NA
CVE-2003-0770
FUNC.pm in IkonBoard 3.1.2a and previous versions, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote malicious users to execute arbitrary code when the cookie is inserted into a Perl "eval" st...
Ikonboard.com Ikonboard 3.1.1
Ikonboard.com Ikonboard 3.1.2a
2 EDB exploits
NA
CVE-1999-0287
Vulnerability in the Wguest CGI program.
Webcom Cgi Guestbook
2 EDB exploits
NA
CVE-2008-6785
Unrestricted file upload vulnerability in Mini File Host 1.5 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, as demonstrated by creating a nam...
Galaxyscripts Mini File Host 1.5
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »