Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2021-25778
In JetBrains TeamCity prior to 2020.2.1, permissions during user deletion were checked improperly.
Jetbrains Teamcity
9.8
CVSSv3
CVE-2021-25779
Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page.
Baby Care System Project Baby Care System 1.0
7.2
CVSSv3
CVE-2021-25780
An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote malicious user to upload content to the server, including PHP files, which could result in command execution and obtaining a shell.
Baby Care System Project Baby Care System 1.0
7.2
CVSSv3
CVE-2021-25783
Taocms v2.5Beta5 exists to contain a blind SQL injection vulnerability via the function Article Search.
Taogogo Taocms 2.5
7.2
CVSSv3
CVE-2021-25784
Taocms v2.5Beta5 exists to contain a blind SQL injection vulnerability via the function Edit Article.
Taogogo Taocms 2.5
4.8
CVSSv3
CVE-2021-25785
Taocms v2.5Beta5 exists to contain a cross-site scripting (XSS) vulnerability via the component Management column.
Taogogo Taocms 2.5
5.3
CVSSv3
CVE-2021-25786
An issue exists in QPDF version 10.0.4, allows remote malicious users to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf.
Qpdf Project Qpdf 10.0.4
5.4
CVSSv3
CVE-2021-25790
Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allows authenticated malicious users to execute arbitrary web scripts or HTML via crafted payloads in all text fields except for Phone Number and...
House Rental And Property Listing Php Project House Rental And Property Listing Php 1.0
1 Github repository
5.4
CVSSv3
CVE-2021-25791
Multiple stored cross site scripting (XSS) vulnerabilities in the "Update Profile" module of Online Doctor Appointment System 1.0 allows authenticated malicious users to execute arbitrary web scripts or HTML via crafted payloads in the First Name, Last Name, and Address...
Online Doctor Appointment System Php Full Source Code Project Online Doctor Appointment System Php Full Source Code 1.0
1 Github repository
7.1
CVSSv3
CVE-2021-25801
A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows malicious users to cause an out-of-bounds read via a crafted .avi file.
Videolan Vlc Media Player 3.0.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »