Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-2996
XCloner Standalone 3.5 and previous versions, when enable_db_backup and sql_mem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackup_comp parameter in a generate action to index2.php. NOTE: it is not clear ...
Xcloner Xcloner
1 EDB exploit
NA
CVE-2011-0407
SQL injection vulnerability in the store function in _phenotype/system/class/PhenoTypeDataObject.class.php in Phenotype CMS 3.0 allows remote malicious users to execute arbitrary SQL commands via a crafted URI, as demonstrated by Gallery/gal_id/1/image1,1.html. NOTE: some of thes...
Phenotype-cms Phenotype Cms 3.0
1 EDB exploit
NA
CVE-2011-0503
Cross-site request forgery (CSRF) vulnerability in VaM Shop 1.6, 1.6.1, and probably earlier versions allows remote malicious users to hijack the authentication of administrators for requests that (1) change user status via admin/customers.php or (2) change user permissions via a...
Vamsoft Vam Shop 1.6
Vamsoft Vam Shop
1 EDB exploit
NA
CVE-2011-0504
Multiple cross-site scripting (XSS) vulnerabilities in VaM Shop 1.6, 1.6.1, and probably earlier versions llow remote malicious users to inject arbitrary web script or HTML via the (1) status parameter to admin/orders.php, (2) search parameter to admin/customers.php, or (3) STORE...
Vamshop Vam Shop 1.6.1
Vamshop Vam Shop 1.6
1 EDB exploit
NA
CVE-2012-5452
Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS 2.2.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) multi_title parameter to blocks/add/; (2) cost, (3) days, or (4) title[en] parameter to plans/add/; (5) name or (6) title[en] p...
Intelliants Subrion Cms 2.2.1
1 EDB exploit
NA
CVE-2012-5453
SQL injection vulnerability in user/index_inline_editor_submit.php in ATutor AContent 1.2-1 allows remote authenticated users to execute arbitrary SQL commands via the field parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-5167.
Atutor Acontent 1.2
1 EDB exploit
NA
CVE-2010-5315
Multiple cross-site request forgery (CSRF) vulnerabilities in BEdita prior to 3.1 allow remote malicious users to hijack the authentication of administrators for requests that (1) create categories via a data array to news/saveCategories or (2) modify credentials via a data array...
Chialab \\& Channelweb Bedita
1 EDB exploit
NA
CVE-2010-5317
Multiple SQL injection vulnerabilities in index.php in SweetRice CMS prior to 0.6.7.1 allow remote malicious users to execute arbitrary SQL commands via (1) the file_name parameter in an attachment action, (2) the post parameter in a show_comment action, (3) the sys-name paramete...
Basic-cms Sweetrice 0.6.7.1
1 EDB exploit
NA
CVE-2010-5318
The password-reset feature in as/index.php in SweetRice CMS prior to 0.6.7.1 allows remote malicious users to modify the administrator's password by specifying the administrator's e-mail address in the email parameter.
Basic-cms Sweetrice 0.6.7.1
1 EDB exploit
NA
CVE-2012-4679
Cross-site scripting (XSS) vulnerability in admin/login.php in Newscoop prior to 3.5.5 allows remote malicious users to inject arbitrary web script or HTML via the f_user_name parameter.
Sourcefabric Newscoop 3.5.1
Sourcefabric Newscoop 3.5.0
Sourcefabric Newscoop 3.5.3
Sourcefabric Newscoop 3.5.2
Sourcefabric Newscoop
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744
privilege escalation
CVE-2024-30253
CVE-2024-3914
cross-site scripting
CVE-2024-31497
CVE-2024-3400
CVE-2024-32341
hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »