Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

activity log project activity log - vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3
CVE-2022-27858
CSV Injection vulnerability in Activity Log Team Activity Log <= 2.8.3 on WordPress.
Activity Log Project Activity Log
5.3
CVSSv3
CVE-2022-3941
A vulnerability has been found in Activity Log Plugin and classified as critical. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack can be ini...
Activity Log Project Activity Log -
5.3
CVSSv3
CVE-2023-4281
This Activity Log WordPress plugin prior to 2.8.8 retrieves client IP addresses from potentially untrusted headers, allowing an malicious user to manipulate its value. This may be used to hide the source of malicious traffic.
Activity Log Project Activity Log
NA
CVE-2014-2665
includes/specials/SpecialChangePassword.php in MediaWiki prior to 1.19.14, 1.20.x and 1.21.x prior to 1.21.8, and 1.22.x prior to 1.22.5 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain...
Mediawiki Mediawiki 1.22.3Mediawiki Mediawiki 1.22.2Mediawiki Mediawiki 1.21.2Mediawiki Mediawiki 1.21.3Mediawiki Mediawiki 1.20.5Mediawiki Mediawiki 1.20.6Mediawiki Mediawiki 1.19Mediawiki Mediawiki 1.19.0Mediawiki Mediawiki 1.19.6Mediawiki Mediawiki 1.19.7Mediawiki Mediawiki 1.21.6Mediawiki Mediawiki 1.21.5Mediawiki Mediawiki 1.20.1Mediawiki Mediawiki 1.20.2Mediawiki MediawikiMediawiki Mediawiki 1.19.12Mediawiki Mediawiki 1.19.2Mediawiki Mediawiki 1.19.3Mediawiki Mediawiki 1.22.4Mediawiki Mediawiki 1.21Mediawiki Mediawiki 1.21.1Mediawiki Mediawiki 1.20.3
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0Apache Log4jSiemens Sppa-t3000 Ses3000 FirmwareSiemens Logo\\! Soft ComfortSiemens Spectrum Power 4 4.70Siemens Spectrum Power 4Siemens Siveillance Control ProSiemens Energyip Prepay 3.7Siemens Energyip Prepay 3.8Siemens Siveillance Identity 1.6Siemens Siveillance Identity 1.5Siemens Siveillance CommandSiemens Sipass Integrated 2.85Siemens Sipass Integrated 2.80Siemens Head-end System Universal Device Integration SystemSiemens Gma-managerSiemens Energyip 8.5Siemens Energyip 8.6Siemens Energyip 8.7Siemens Energyip 9.0Siemens Energy Engage 3.1Siemens E-car Operation Center
9.8
CVSSv3
CVE-2019-0708
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulne...
Microsoft Windows Vista -Microsoft Windows Server 2008 R2Microsoft Windows Server 2008 -Microsoft Windows Xp -Microsoft Windows Server 2003 -Microsoft Windows Server 2003 R2Microsoft Windows 7 -
7.8
CVSSv3
CVE-2021-1675
Windows Print Spooler Remote Code Execution Vulnerability
Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 10 1607Microsoft Windows 8.1 -Microsoft Windows Server 2016 -Microsoft Windows Server 2008 -Microsoft Windows 7 -Microsoft Windows Rt 8.1 -Microsoft Windows Server 2012 -Microsoft Windows 10 -Microsoft Windows Server 2019 -Microsoft Windows 10 1809Microsoft Windows 10 1909Microsoft Windows 10 2004Microsoft Windows 10 20h2Microsoft Windows 10 21h1
8.8
CVSSv3
CVE-2021-34527
<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install p...
Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 8.1 -Microsoft Windows Server 2008 -Microsoft Windows 7 -Microsoft Windows Rt 8.1 -Microsoft Windows Server 2012 -Microsoft Windows Server 2019Microsoft Windows Server 20h2Microsoft Windows 10 1809Microsoft Windows 10 20h2Microsoft Windows 10 1507Microsoft Windows 10 1607Microsoft Windows Server 2016Microsoft Windows Server 2022Microsoft Windows 11 21h2Microsoft Windows 10 21h2Microsoft Windows 11 22h2Microsoft Windows 10 22h2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook