Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
be user log project be user log vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2015-4608
Cross-site scripting (XSS) vulnerability in the BE User Log (beko_beuserlog) extension 1.1.1 and previous versions for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Be User Log Project Be User Log
890
VMScore
CVE-2007-0956
The telnet daemon (telnetd) in MIT krb5 prior to 1.6.1 allows remote malicious users to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882.
Mit Kerberos 5
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
392
VMScore
CVE-2011-4930
Multiple format string vulnerabilities in Condor 7.2.0 up to and including 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and pos...
Condor Project Condor 7.6.1
Condor Project Condor 7.2.3
Fedoraproject Fedora 16
Condor Project Condor 7.5.4
Condor Project Condor 7.6.3
Condor Project Condor 7.6.0
Condor Project Condor 7.3.2
Condor Project Condor 7.2.1
Condor Project Condor 7.2.0
Condor Project Condor 7.4.1
Condor Project Condor 7.3.0
Condor Project Condor 7.4.2
Condor Project Condor 7.2.2
Condor Project Condor 7.6.4
Condor Project Condor 7.6.2
Fedoraproject Fedora 15
Condor Project Condor 7.2.5
Condor Project Condor 7.4.0
Condor Project Condor 7.3.1
Condor Project Condor 7.2.4
Redhat Enterprise Mrg 1.3
Redhat Enterprise Mrg 2.0
312
VMScore
CVE-2021-25115
The WP Photo Album Plus WordPress plugin prior to 8.0.10 was vulnerable to Stored Cross-Site Scripting (XSS). Error log content was handled improperly, therefore any user, even unauthenticated, could cause arbitrary javascript to be executed in the admin panel.
Wp Photo Album Plus Project Wp Photo Album Plus
383
VMScore
CVE-2018-1000029
mcholste Enterprise Log Search and Archive (ELSA) version revision 1205, commit 2cc17f1 and previous versions contains a Cross Site Scripting (XSS) vulnerability in index view (/) that can result in . This attack appear to be exploitable via Payload delivered via the type, name, ...
Elsa Project Elsa
890
VMScore
CVE-2008-4796
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and previous versions, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote malicious users to execute arbitrary commands vi...
Snoopy Project Snoopy
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Nagios Nagios
Wordpress Wordpress
357
VMScore
CVE-2021-21234
spring-boot-actuator-logview in a library that adds a simple logfile viewer as spring boot actuator endpoint. It is maven package "eu.hinsch:spring-boot-actuator-logview". In spring-boot-actuator-logview before version 0.2.13 there is a directory traversal vulnerability...
Spring-boot-actuator-logview Project Spring-boot-actuator-logview
4 Github repositories
1000
VMScore
CVE-2008-0960
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x prior to 5.2.4.1, 5.3.x prior to 5.3.2.1, and 5.4.x prior to 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 up to and including 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3R...
Juniper Session And Resource Control 1.0
Juniper Session And Resource Control 2.0
Juniper Src Pe 1.0
Juniper Src Pe 2.0
1 EDB exploit
445
VMScore
CVE-2022-24875
The CVEProject/cve-services is an open source project used to operate the CVE services api. In versions up to and including 1.1.1 the `org.conroller.js` code would erroneously log user secrets. This has been resolved in commit `46d98f2b` and should be available in subsequent vers...
Cve Cve-services
801
VMScore
CVE-2007-1216
Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 prior to 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to...
Mit Kerberos 5
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
Debian Debian Linux 3.1
Debian Debian Linux 4.0
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »