Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-0988
Multiple cross-site scripting (XSS) vulnerabilities in config/dmsDefaults.php in KnowledgeTree 3.7.0.2 and possibly earlier allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) login.php, (2) admin.php, or (3) preferences.php.
Jam Warehouse Knowledgetree Open Source 3.7.0.2
1 EDB exploit
NA
CVE-2012-0989
Cross-site scripting (XSS) vulnerability in OneOrZero AIMS 2.8.0 Trial Edition build231211 and possibly earlier allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to index.php.
Oneorzero Action And Information Management System 2.8.0
1 EDB exploit
NA
CVE-2012-0990
Cross-site request forgery (CSRF) vulnerability in admin/settings/update in DClassifieds 0.1 final allows remote malicious users to hijack the authentication of administrators for requests that modify account settings such as the administrator password or email via certain Settin...
Dclassifieds Dclassifieds 0.1
1 EDB exploit
NA
CVE-2012-0992
interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the file parameter.
Openemr Openemr 4.1.0
1 EDB exploit
NA
CVE-2011-0504
Multiple cross-site scripting (XSS) vulnerabilities in VaM Shop 1.6, 1.6.1, and probably earlier versions llow remote malicious users to inject arbitrary web script or HTML via the (1) status parameter to admin/orders.php, (2) search parameter to admin/customers.php, or (3) STORE...
Vamshop Vam Shop 1.6.1
Vamshop Vam Shop 1.6
1 EDB exploit
NA
CVE-2011-4814
Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) admin/boxes.php, (3) comm/clients.php, (4) commande/index.php; and the optionc...
Dolibarr Dolibarr Erp\\/crm 2.9.0
Dolibarr Dolibarr Erp\\/crm 2.8.1
Dolibarr Dolibarr Erp\\/crm
Dolibarr Dolibarr Erp\\/crm 2.6.0
Dolibarr Dolibarr Erp\\/crm 3.0.0
Dolibarr Dolibarr Erp\\/crm 2.7.1
Dolibarr Dolibarr Erp\\/crm 2.6.1
Dolibarr Dolibarr Erp\\/crm 2.5.0
Dolibarr Dolibarr Erp\\/crm 2.7.0
Dolibarr Dolibarr Erp\\/crm 2.8.0
Dolibarr Dolibarr Erp\\/crm 3.0.1
1 EDB exploit
NA
CVE-2014-2996
XCloner Standalone 3.5 and previous versions, when enable_db_backup and sql_mem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackup_comp parameter in a generate action to index2.php. NOTE: it is not clear ...
Xcloner Xcloner
1 EDB exploit
NA
CVE-2015-3986
Cross-site request forgery (CSRF) vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress prior to 1.3.9.3 allows remote malicious users to hijack the authentication of administrators for requests that condu...
Thecartpress Thecartpress Ecommerce Shopping Cart
1 EDB exploit
NA
CVE-2010-0817
Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote malicious users to inject arbitrary web script or HTML via the cid0 parameter.
Microsoft Sharepoint Server 2007
Microsoft Sharepoint Services 3.0
1 EDB exploit
NA
CVE-2011-4833
Multiple SQL injection vulnerabilities in the Leads module in SugarCRM 6.1 prior to 6.1.7, 6.2 prior to 6.2.4, 6.3 prior to 6.3.0RC3, and 6.4 prior to 6.4.0beta1 allow remote malicious users to execute arbitrary SQL commands via the (1) where and (2) order parameters in a get_ful...
Sugarcrm Sugarcrm 6.2.1
Sugarcrm Sugarcrm 6.2.2
Sugarcrm Sugarcrm 6.1.3
Sugarcrm Sugarcrm 6.1.4
Sugarcrm Sugarcrm 6.3.0
Sugarcrm Sugarcrm 6.1.0
Sugarcrm Sugarcrm 6.4
Sugarcrm Sugarcrm 6.2.3
Sugarcrm Sugarcrm 6.1.5
Sugarcrm Sugarcrm 6.1.6
Sugarcrm Sugarcrm 6.2.0
Sugarcrm Sugarcrm 6.1.1
Sugarcrm Sugarcrm 6.1.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »