Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
contact form email vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2024-0286
A vulnerability, which was classified as problematic, was found in PHPGurukul Hospital Management System 1.0. This affects an unknown part of the file index.php#contact_us of the component Contact Form. The manipulation of the argument Name/Email/Message leads to cross site scrip...
Phpgurukul Hospital Management System 1.0
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
NA
CVE-2002-0148
Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote malicious users to execute arbitrary script as other users via an HTTP error page.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2002-0074
Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote malicious users to embed scripts into another user's session.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2002-0075
Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote malicious users to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
9.8
CVSSv3
CVE-2017-3221
Blind SQL injection in Inmarsat AmosConnect 8 login form allows remote malicious users to access user credentials, including user names and passwords.
Inmarsat Amosconnect 8 8.2.1
Inmarsat Amosconnect 8 8.2.2
Inmarsat Amosconnect 8 8.0.2
Inmarsat Amosconnect 8 8.2.0
Inmarsat Amosconnect 8 8.0
Inmarsat Amosconnect 8 8.3.0
Inmarsat Amosconnect 8 8.3.1
Inmarsat Amosconnect 8 8.0.1
Inmarsat Amosconnect 8 8.4.0
Inmarsat Amosconnect 8 8.4.0.1
9.8
CVSSv3
CVE-2017-3222
Hard-coded credentials in AmosConnect 8 allow remote malicious users to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges by abusing AmosConnect Task Manager.
Inmarsat Amosconnect 8.0
Inmarsat Amosconnect 8.0.1
Inmarsat Amosconnect 8.0.2
Inmarsat Amosconnect 8.2.0
Inmarsat Amosconnect 8.2.1
Inmarsat Amosconnect 8.2.2
Inmarsat Amosconnect 8.3.0
Inmarsat Amosconnect 8.3.1
Inmarsat Amosconnect 8.4.0
Inmarsat Amosconnect 8.4.0.1
9
CVSSv3
CVE-2021-45046
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with...
Apache Log4j 2.0
Apache Log4j
Intel Oneapi -
Intel Audio Development Kit -
Intel Datacenter Manager -
Intel System Debugger -
Intel Secure Device Onboard -
Intel Sensor Solution Firmware Development Kit -
Intel Computer Vision Annotation Tool -
Intel Genomics Kernel Library -
Intel System Studio -
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
197 Github repositories
9 Articles
7.4
CVSSv3
CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve paramet...
Openssl Openssl
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider Firmware -
Netapp Storagegrid Firmware -
Windriver Linux -
Windriver Linux 18.0
Windriver Linux 19.0
Windriver Linux 17.0
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Volumes Ontap Mediator -
Fedoraproject Fedora 34
Tenable Nessus Agent
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Oracle Jd Edwards World Security A9.4
Oracle Weblogic Server 12.2.1.4.0
1 Github repository
1 Article
5.5
CVSSv3
CVE-2017-5223
An issue exists in PHPMailer prior to 5.2.22. PHPMailer's msgHTML method applies transformations to an HTML document to make it usable as an email message body. One of the transformations is to convert relative image URLs into attachments using a script-provided base directo...
Phpmailer Project Phpmailer
1 EDB exploit
86 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3