Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4833
Multiple SQL injection vulnerabilities in the Leads module in SugarCRM 6.1 prior to 6.1.7, 6.2 prior to 6.2.4, 6.3 prior to 6.3.0RC3, and 6.4 prior to 6.4.0beta1 allow remote malicious users to execute arbitrary SQL commands via the (1) where and (2) order parameters in a get_ful...
Sugarcrm Sugarcrm 6.2.1
Sugarcrm Sugarcrm 6.2.2
Sugarcrm Sugarcrm 6.1.3
Sugarcrm Sugarcrm 6.1.4
Sugarcrm Sugarcrm 6.3.0
Sugarcrm Sugarcrm 6.1.0
Sugarcrm Sugarcrm 6.4
Sugarcrm Sugarcrm 6.2.3
Sugarcrm Sugarcrm 6.1.5
Sugarcrm Sugarcrm 6.1.6
Sugarcrm Sugarcrm 6.2.0
Sugarcrm Sugarcrm 6.1.1
Sugarcrm Sugarcrm 6.1.2
1 EDB exploit
NA
CVE-2011-5073
Multiple cross-site scripting (XSS) vulnerabilities in Support Incident Tracker (aka SiT!) prior to 3.65 allow remote malicious users to inject arbitrary web script or HTML via the (1) mode parameter to contact_support.php; (2) contractid parameter to contract_add_service.php; (3...
Sitracker Support Incident Tracker 3.36
Sitracker Support Incident Tracker 3.35
Sitracker Support Incident Tracker 3.33
Sitracker Support Incident Tracker 3.32
Sitracker Support Incident Tracker 3.45
Sitracker Support Incident Tracker 3.40
Sitracker Support Incident Tracker
Sitracker Support Incident Tracker 3.62
Sitracker Support Incident Tracker 3.61
Sitracker Support Incident Tracker 3.60
Sitracker Support Incident Tracker 3.6
Sitracker Support Incident Tracker 3.24
Sitracker Support Incident Tracker 3.23
Sitracker Support Incident Tracker 3.22pl1
Sitracker Support Incident Tracker 3.22
Sitracker Support Incident Tracker 3.51
Sitracker Support Incident Tracker 3.31
Sitracker Support Incident Tracker 3.30
Sitracker Support Incident Tracker 3.63
Sitracker Support Incident Tracker 3.50
Sitracker Support Incident Tracker 3.41
Sitracker Support Incident Tracker 3.21
1 EDB exploit
NA
CVE-2011-5259
SQL injection vulnerability in lib/controllers/CentralController.php in OrangeHRM prior to 2.6.11.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Orangehrm Orangehrm 2.6.5
Orangehrm Orangehrm 2.6.4
Orangehrm Orangehrm 2.6.10
Orangehrm Orangehrm 2.6.3
Orangehrm Orangehrm 2.6.2
Orangehrm Orangehrm 2.6.8
Orangehrm Orangehrm 2.6.7
Orangehrm Orangehrm 2.6.6
Orangehrm Orangehrm 2.6.0.1
Orangehrm Orangehrm
Orangehrm Orangehrm 2.6.9
Orangehrm Orangehrm 2.6.8.1
Orangehrm Orangehrm 2.6.1
Orangehrm Orangehrm 2.6.0
1 EDB exploit
NA
CVE-2011-5313
Multiple SQL injection vulnerabilities in includes/password.php in Redaxscript 0.3.2 allow remote malicious users to execute arbitrary SQL commands via the (1) id or (2) password parameter to the password_reset program.
Redaxscript Redaxscript 0.3.2
1 EDB exploit
NA
CVE-2011-5318
Multiple cross-site request forgery (CSRF) vulnerabilities in diafan.CMS prior to 5.1 allow remote malicious users to hijack the authentication of administrators for requests that (1) modify articles via a save_post action to admin/news/saveNEWS_ID/, (2) modify settings via a sav...
Diafan Diafan.cms
1 EDB exploit
NA
CVE-2011-0504
Multiple cross-site scripting (XSS) vulnerabilities in VaM Shop 1.6, 1.6.1, and probably earlier versions llow remote malicious users to inject arbitrary web script or HTML via the (1) status parameter to admin/orders.php, (2) search parameter to admin/customers.php, or (3) STORE...
Vamshop Vam Shop 1.6.1
Vamshop Vam Shop 1.6
1 EDB exploit
NA
CVE-2011-0503
Cross-site request forgery (CSRF) vulnerability in VaM Shop 1.6, 1.6.1, and probably earlier versions allows remote malicious users to hijack the authentication of administrators for requests that (1) change user status via admin/customers.php or (2) change user permissions via a...
Vamsoft Vam Shop 1.6
Vamsoft Vam Shop
1 EDB exploit
NA
CVE-2010-4750
Cross-site request forgery (CSRF) vulnerability in admin/libs/ADMIN.php in BLOG:CMS 4.2.1.e, and possibly earlier, allows remote malicious users to hijack the authentication of administrators.
Blogcms Blog\\ Cms
1 EDB exploit
NA
CVE-2010-4874
Multiple cross-site scripting (XSS) vulnerabilities in users.php in NinkoBB 1.3 RC5 allow remote malicious users to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, (3) msn, or (4) aim parameter.
Ninkobb Ninkobb 1.3
1 EDB exploit
NA
CVE-2010-5029
SQL injection vulnerability in index.php in Ecomat CMS 5.0 allows remote malicious users to execute arbitrary SQL commands via the show parameter in a web action.
Codefabrik Ecomat Cms 5.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »