Vulmon
Recent Vulnerabilities
Discussions
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
sql injection vulnerabilities and exploits
7.5
CVSSv2
CVE-2006-1804
SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to execute arbitrary SQL commands via the sql_query parameter....
Phpmyadmin
4.3
CVSSv2
CVE-2010-2544
Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter....
Cacti
1 EDB exploit available
4.3
CVSSv2
CVE-2010-2543
Cross-site scripting (XSS) vulnerability in include/top_graph_header.php in Cacti before 0.8.7g allows remote attackers to inject arbitrary web script or HTML via the graph_start parameter to graph.php. NOTE: this vulnerability exists because of an incorrect fix for...
Cacti
1 EDB exploit available
4.3
CVSSv2
CVE-2010-2545
Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via (1) the name element in an XML template to...
Cacti
4.3
CVSSv2
CVE-2010-1644
Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) hostname or (2) description parameter to...
Cacti
6.5
CVSSv2
CVE-2010-1645
Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in (1) the FQDN field of a Device or (2) the Vertical Label field of a Graph...
Cacti
7.5
CVSSv2
CVE-2015-4342
SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id....
Cacti
Fedoraproject
Fedora
5
CVSSv2
CVE-2015-6661
Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to obtain sensitive node titles by reading the menu....
Drupal
4.3
CVSSv2
CVE-2015-6665
Cross-site scripting (XSS) vulnerability in the Ajax handler in Drupal 7.x before 7.39 and the Ctools module 6.x-1.x before 6.x-1.14 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving a whitelisted HTML element, possibly related to...
Chaos Tool Suite Project
Ctools
Drupal
Fedoraproject
Fedora
6.8
CVSSv2
CVE-2015-6660
The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not properly validate the form token, which allows remote attackers to conduct CSRF attacks that upload files in a different user's account via vectors related to "file upload value callbacks."...
Drupal
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
apq8009 firmware
CVE-2020-7211
LFI
CVE-2019-18187
CVE-2019-19413
CVE-2020-0674
CVE-2019-14768
CVE-2011-3621
qualcomm
man-in-the-middle
path traversal
« PREV
1
2
3
4
5
6
7
8
9
NEXT »
Vulmon