Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
activity log project activity log - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-27858
CSV Injection vulnerability in Activity Log Team Activity Log <= 2.8.3 on WordPress.
Activity Log Project Activity Log
5.3
CVSSv3
CVE-2022-3941
A vulnerability has been found in Activity Log Plugin and classified as critical. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack can be ini...
Activity Log Project Activity Log -
5.3
CVSSv3
CVE-2023-4281
This Activity Log WordPress plugin prior to 2.8.8 retrieves client IP addresses from potentially untrusted headers, allowing an malicious user to manipulate its value. This may be used to hide the source of malicious traffic.
Activity Log Project Activity Log
1 Github repository
NA
CVE-2014-2665
includes/specials/SpecialChangePassword.php in MediaWiki prior to 1.19.14, 1.20.x and 1.21.x prior to 1.21.8, and 1.22.x prior to 1.22.5 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain...
Mediawiki Mediawiki 1.22.3
Mediawiki Mediawiki 1.22.2
Mediawiki Mediawiki 1.21.2
Mediawiki Mediawiki 1.21.3
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.20.6
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.21.6
Mediawiki Mediawiki 1.21.5
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.20.2
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.12
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.22.4
Mediawiki Mediawiki 1.21
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.20.3
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1150 Github repositories
28 Articles
9.8
CVSSv3
CVE-2019-0708
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulne...
Microsoft Windows Vista -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows Xp -
Microsoft Windows Server 2003 -
Microsoft Windows Server 2003 R2
Microsoft Windows 7 -
5 EDB exploits
2 Metasploit modules
171 Github repositories
10 Articles
7.8
CVSSv3
CVE-2021-1675
Windows Print Spooler Remote Code Execution Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 10 1909
Microsoft Windows 10 2004
Microsoft Windows 10 20h2
Microsoft Windows 10 21h1
133 Github repositories
4 Articles
8.8
CVSSv3
CVE-2021-34527
<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install p...
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019
Microsoft Windows Server 20h2
Microsoft Windows 10 1809
Microsoft Windows 10 20h2
Microsoft Windows 10 1507
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows Server 2022
Microsoft Windows 11 21h2
Microsoft Windows 10 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 22h2
107 Github repositories
6 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started