Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
event list project vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2022-0418
The Event List WordPress plugin prior to 0.8.8 does not sanitise and escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks against other admin even when the unfiltered_html is disallowed
Event List Project Event List
8.8
CVSSv3
CVE-2017-9429
SQL injection vulnerability in the Event List plugin 0.7.8 for WordPress allows an authenticated user to execute arbitrary SQL commands via the id parameter to wp-admin/admin.php.
Event List Project Event List 0.7.8
1 EDB exploit
6.1
CVSSv3
CVE-2017-12068
The Event List plugin 0.7.9 for WordPress has XSS in the slug array parameter to wp-admin/admin.php in an el_admin_categories delete_bulk action.
Event List Project Event List 0.7.9
1 Github repository
9.8
CVSSv3
CVE-2017-17616
Event Search Script 1.0 has SQL Injection via the /event-list city parameter.
Event Calendar Category Script Project Event Calendar Category Script 1.0
1 EDB exploit
6.1
CVSSv3
CVE-2023-22461
The `sanitize-svg` package, a small SVG sanitizer to prevent cross-site scripting attacks, uses a deny-list-pattern to sanitize SVGs to prevent XSS. In doing so, literal `<script>`-tags and on-event handlers were detected in versions before 0.4.0. As a result, downstream so...
Sanitize-svg Project Sanitize-svg
7.5
CVSSv3
CVE-2021-40114
Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper...
Cisco Firepower Management Center 2.9.14.0
Cisco Firepower Management Center 2.9.15
Cisco Firepower Management Center 2.9.16
Cisco Firepower Management Center 2.9.17
Cisco Firepower Threat Defense
Cisco Unified Threat Defense
Snort Snort
7.5
CVSSv3
CVE-2021-40116
Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactiv...
Cisco Firepower Threat Defense
Cisco Firepower Management Center 3.1.0.1
Snort Snort
NA
CVE-2008-1238
Mozilla Firefox prior to 2.0.0.13 and SeaMonkey prior to 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote malicious users to bypass application prote...
Mozilla Firefox
Mozilla Seamonkey
10
CVSSv3
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
71 Github repositories
4 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started