Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34472
CVE-2024-34472 Description: An authenticated user can abuse Blind SQL injection vulnerability exists in the mliRealtimeEmails.php file. The ordemGrid parameter in a POST request to /mailinspector/mliRealtimeEmails.php does not Properly sanitize input, allowing an authenticated a...
1 Github repository
NA
CVE-2024-34471
CVE-2024-34471
1 Github repository
NA
CVE-2024-34470
CVE-2024-34470 Description: An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an attacker to read arbitrary files on the serve...
1 Github repository
NA
CVE-2024-34473
An issue exists in appmgr in O-RAN Near-RT RIC I-Release. An attacker could register an unintended RMR message type during xApp registration to disrupt other service components.
NA
CVE-2023-52729
TCPServer.cpp in SimpleNetwork through 29bc615 has an off-by-one error that causes a buffer overflow when trying to add '\0' to the end of long msg data. It can be exploited via crafted TCP packets.
NA
CVE-2024-34467
ThinkPHP 8.0.3 allows remote malicious users to discover the PHPSESSION cookie because think_exception.tpl (aka the debug error output source code) provides this in an error message for a crafted URI in a GET request.
NA
CVE-2024-34469
Rukovoditel prior to 3.5.3 allows XSS via user_photo to index.php?module=users/registration&action=save.
NA
CVE-2024-34468
Rukovoditel prior to 3.5.3 allows XSS via user_photo to My Page.
NA
CVE-2024-34462
Alinto SOGo up to and including 5.10.0 allows XSS during attachment preview.
NA
CVE-2023-27283
IBM Aspera Orchestrator 4.0.1 could allow a remote malicious user to enumerate usernames due to observable response discrepancies. IBM X-Force ID: 248545.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »