Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
andrea intilangelo vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-35416
Multiple cross-site scripting (XSS) vulnerabilities exist in PHPJabbers Appointment Scheduler 2.3, in the index.php admin login webpage (with different request parameters), allows remote malicious users to inject arbitrary web script or HTML.
Onlineonly Phpjabbers Appointment Scheduler 2.3
9.8
CVSSv3
CVE-2023-26918
Diasoft File Replication Pro 7.5.0 allows malicious users to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:(F) access.
Filereplicationpro File Replication Pro 7.5.0
7.8
CVSSv3
CVE-2023-25438
An issue exists in Genomedics MilleGP5 5.9.2, allows remote malicious users to execute arbitrary code and gain escalated privileges via modifying specific files.
Genomedics Millegpg 5.9.2
6.1
CVSSv3
CVE-2023-25439
Stored Cross Site Scripting (XSS) vulnerability in Square Pig FusionInvoice 2023-1.0, allows malicious users to execute arbitrary code via the description or content fields to the expenses, tasks, and customer details.
Squarepiginteractive Fusioninvoice 2023-1.0
NA
CVE-2023-254392023
FusionInvoice version 2023-1.0 suffers from a persistent cross site scripting vulnerability.
5.4
CVSSv3
CVE-2023-25440
Stored Cross Site Scripting (XSS) vulnerability in the add contact function CiviCRM 5.59.alpha1, allows malicious users to execute arbitrary code in first/second name field.
Civicrm Civicrm 5.59
NA
CVE-2023-254402023
CiviCRM version 5.59.alpha1 suffers from a persistent cross site scripting vulnerability.
7.8
CVSSv3
CVE-2021-34110
WinWaste.NET version 1.0.6183.16475 has incorrect permissions, allowing a local unprivileged user to replace the executable with a malicious file that will be executed with "LocalSystem" privileges.
Nica Winwaste.net 1.0.6183.16475
5.4
CVSSv3
CVE-2022-27308
A stored cross-site scripting (XSS) vulnerability in PHProjekt PhpSimplyGest v1.3.0 allows malicious users to execute arbitrary web scripts or HTML via a project title.
Phprojekt Phpsimplygest Project Phprojekt Phpsimplygest 1.3.0
6.1
CVSSv3
CVE-2022-29296
A reflected cross-site scripting (XSS) vulnerability in the login portal of Avantune Genialcloud ProJ - 10 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload.
Avantune Genialcloud Proj 10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »