Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Total 210374 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-4650 1 Mongodb 1 Mongodb 2013-07-04 6.5 MEDIUM N/A
MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of __system in an arbitrary database.
CVE-2013-4729 1 Phpmyadmin 1 Phpmyadmin 2013-07-04 5.5 MEDIUM N/A
import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal array, and consequently change the configuration, via a crafted request.
CVE-2013-2144 1 Redhat 1 Enterprise Virtualization Manager 2013-07-04 5.0 MEDIUM N/A
Red Hat Enterprise Virtualization Manager (RHEVM) before 3.2 does not properly check permissions for the target storage domain, which allows attackers to cause a denial of service (disk space consumption) by cloning a VM from a snapshot.
CVE-2011-3116 2013-07-04 N/A N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none.
CVE-2011-3117 2013-07-04 N/A N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none.
CVE-2011-3118 2013-07-04 N/A N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none.
CVE-2011-3119 2013-07-04 N/A N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none.
CVE-2011-3120 2013-07-04 N/A N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none.
CVE-2011-4072 2013-07-04 N/A N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none.
CVE-2012-1613 1 Coppermine-gallery 1 Coppermine Photo Gallery 2013-07-04 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in edit_one_pic.php in Coppermine Photo Gallery before 1.5.20 allows remote authenticated users with certain privileges to inject arbitrary web script or HTML via the keywords parameter.
CVE-2010-4739 2 Aretimes, Joomla 2 Com Maianmedia, Joomla\! 2013-07-04 7.5 HIGH N/A
SQL injection vulnerability in the Maian Media Silver (com_maianmedia) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a music action to index.php.
CVE-2013-1814 1 Apache 1 Rave 2013-07-03 4.0 MEDIUM N/A
The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demonstrated by discovering password hashes in the password field of a response.
CVE-2007-0747 1 Apple 2 Mac Os X, Mac Os X Server 2013-07-03 7.2 HIGH N/A
load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified environment variables.
CVE-2005-3852 1 Onlinetechtools.com 1 Owos Lite 2013-07-03 7.5 HIGH N/A
SQL injection vulnerability in search.asp in Online Work Order Suite (OWOS) Lite Edition for ASP 3.0 allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
CVE-2012-6550 1 Zeroclipboard Project 1 Zeroclipboard 2013-07-02 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via "the clipText returned from the flash object," a different vulnerability than CVE-2013-1808.
CVE-2013-0259 2 Boxes Project, Drupal 2 Boxes, Drupal 2013-07-02 2.1 LOW N/A
Cross-site scripting (XSS) vulnerability in the Boxes module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with administer or edit boxes permissions to inject arbitrary web script or HTML via the subject parameter.
CVE-2012-4965 2013-07-02 N/A N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6569. Reason: This candidate is a reservation duplicate of CVE-2012-6569. Notes: All CVE users should reference CVE-2012-6569 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2012-4966 2013-07-02 N/A N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6570. Reason: This candidate is a reservation duplicate of CVE-2012-6570. Notes: All CVE users should reference CVE-2012-6570 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2012-4967 2013-07-02 N/A N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6571. Reason: This candidate is a reservation duplicate of CVE-2012-6571. Notes: All CVE users should reference CVE-2012-6571 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2013-3726 2013-07-02 N/A N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1636. Reason: This candidate is a reservation duplicate of CVE-2013-1636. Notes: All CVE users should reference CVE-2013-1636 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.