Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amirhossein bahramizadeh vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2023-28288
Microsoft SharePoint Server Spoofing Vulnerability
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Server 2019
Microsoft Sharepoint Server 2013
Microsoft Sharepoint Server 2016
Microsoft Sharepoint Server -
1 EDB exploit
7.8
CVSSv3
CVE-2023-28293
Windows Kernel Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows 10 20h2
Microsoft Windows 10 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 22h2
Microsoft Windows 10 1809
Microsoft Windows 10 1607
Microsoft Windows 11 21h2
1 EDB exploit
7.5
CVSSv3
CVE-2023-30198
Prestashop winbizpayment <= 1.0.2 is vulnerable to Incorrect Access Control via modules/winbizpayment/downloads/download.php.
Webbax Winbizpayment
1 EDB exploit
8.8
CVSSv3
CVE-2023-3320
The WP Sticky Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing nonce validation in the ~/admin/views/admin.php file. This makes it possible for unauthenticated malicious users to modify the plu...
Wp Sticky Social Project Wp Sticky Social
1 EDB exploit
4.5
CVSSv3
CVE-2023-23408
Azure Apache Ambari Spoofing Vulnerability
Microsoft Azure Hdinsights -
1 EDB exploit
7
CVSSv3
CVE-2023-25187
An issue exists on NOKIA Airscale ASIKA Single RAN devices prior to 21B. Nokia Single RAN commissioning procedures do not change (factory-time installed) default SSH public/private key values that are specific to a network operator. As a result, the CSP internal BTS network SSH s...
Nokia Asika Airscale Firmware 19b
Nokia Asika Airscale Firmware 20a
Nokia Asika Airscale Firmware 20b
Nokia Asika Airscale Firmware 20c
Nokia Asika Airscale Firmware 21a
1 EDB exploit
6.1
CVSSv3
CVE-2023-2779
The Social Share, Social Login and Social Comments WordPress plugin prior to 7.13.52 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
Heator Social Share\\, Social Login And Social Comments
1 EDB exploit
8.1
CVSSv3
CVE-2020-11027
In affected versions of WordPress, a password reset link emailed to a user does not expire upon changing the user password. Access would be needed to the email account of the user by a malicious party for successful execution. This has been patched in version 5.4.1, along with al...
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Wordpress Wordpress 5.4
Wordpress Wordpress
6.1
CVSSv3
CVE-2023-36346
POS Codekop v2.0 exists to contain a reflected cross-site scripting (XSS) vulnerability via the nm_member parameter at print.php.
Codekop Codekop 2.0
9.9
CVSSv3
CVE-2023-36355
TP-Link TL-WR940N V4 exists to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted GET request.
Tp-link Tl-wr940n Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »