Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
event vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2010-4950
SQL injection vulnerability in the Event (event) extension prior to 0.3.7 for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Joachim Ruhs Event 0.2.5
Joachim Ruhs Event
Joachim Ruhs Event 0.2.2
Joachim Ruhs Event 0.2.4
Joachim Ruhs Event 0.2.7
578
VMScore
CVE-2021-29792
IBM Event Streams 10.0, 10.1, 10.2, and 10.3 could allow a user the CA private key to create their own certificates and deploy them in the cluster and gain privileges of another user. IBM X-Force ID: 203450.
Ibm Event Streams 10.0.0
Ibm Event Streams 10.1.0
Ibm Event Streams 10.2.0
Ibm Event Streams 10.3.0
685
VMScore
CVE-2006-3052
Cross-site scripting (XSS) vulnerability in Event Registration allows remote malicious users to inject arbitrary web script or HTML via the (1) event_id parameter to view-event-details.php or (2) select_events parameter to event-registration.php. NOTE: the provenance of this info...
Cescripts Event Registration 2checkout
Cescripts Event Registration Corporate
Cescripts Event Registration Paypal
Cescripts Event Registration Rsvp 1.0
1 EDB exploit
312
VMScore
CVE-2021-24480
The Event Geek WordPress plugin up to and including 2.5.2 does not sanitise or escape its "Use your own " setting before outputting it in the page, leading to an authenticated (admin+) stored Cross-Site Scripting issue
Event Geek Project Event Geek
312
VMScore
CVE-2022-0418
The Event List WordPress plugin prior to 0.8.8 does not sanitise and escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks against other admin even when the unfiltered_html is disallowed
Event List Project Event List
383
VMScore
CVE-2017-18576
The event-notifier plugin prior to 1.2.1 for WordPress has XSS via the loading animation.
Event Notifier Project Event Notifier
668
VMScore
CVE-2014-5504
SolarWinds Log and Event Manager prior to 6.0 uses "static" credentials, which makes it easier for remote malicious users to obtain access to the database and execute arbitrary code via unspecified vectors, related to HyperSQL.
Solarwinds Log And Event Manager
Solarwinds Log And Event Manager 5.6.0
Solarwinds Log And Event Manager 5.5.0
Solarwinds Log And Event Manager 5.2.0
Solarwinds Log And Event Manager 5.4.0
655
VMScore
CVE-2017-9429
SQL injection vulnerability in the Event List plugin 0.7.8 for WordPress allows an authenticated user to execute arbitrary SQL commands via the id parameter to wp-admin/admin.php.
Event List Project Event List 0.7.8
1 EDB exploit
383
VMScore
CVE-2017-12068
The Event List plugin 0.7.9 for WordPress has XSS in the slug array parameter to wp-admin/admin.php in an el_admin_categories delete_bulk action.
Event List Project Event List 0.7.9
1 Github repository
385
VMScore
CVE-2022-25114
Event Management v1.0 exists to contain a reflected cross-site scripting (XSS) vulnerability via the full_name parameter under register.php.
Event Management Project Event Management 1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2108
CVE-2024-31061
CVE-2024-25959
CVE-2023-45866
injection
IDOR
memory leak
CVE-2024-1086
CVE-2023-42931
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »