Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
export user project export user vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-43984
Insecure permissions in Smart Soft advancedexport before v4.4.7 allow unauthenticated malicious users to arbitrarily download user information from the ps_customer table.
Advanced Export Products Orders Cron Csv Excel Project Advanced Export Products Orders Cron Csv Excel
6.5
CVSSv3
CVE-2023-3385
An issue has been discovered in GitLab affecting all versions starting from 8.10 prior to 16.0.8, all versions starting from 16.1 prior to 16.1.3, all versions starting from 16.2 prior to 16.2.2. Under specific circumstances, a user importing a project 'from export' cou...
Gitlab Gitlab
4.3
CVSSv3
CVE-2023-1825
An issue has been discovered in GitLab EE affecting all versions starting from 15.7 prior to 15.10.8, all versions starting from 15.11 prior to 15.11.7, all versions starting from 16.0 prior to 16.0.2. It was possible to disclose issue notes to an unauthorized user at project exp...
Gitlab Gitlab
5.4
CVSSv3
CVE-2023-27890
The Export User plugin up to and including 2.0 for MyBB allows XSS during the process of an admin generating DSGVO data for a user, via the Custom User Title, Location, or Bio field. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Export User Project Export User
6.5
CVSSv3
CVE-2023-23610
GLPI is a Free Asset and IT Management Software package. Versions before 9.5.12 and 10.0.6 are vulnerable to Improper Privilege Management. Any user having access to the standard interface can export data of almost any GLPI item type, even those on which user is not allowed to ac...
Glpi-project Glpi
5.3
CVSSv3
CVE-2021-41309
Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira Service Management access revoked to export audit logs of another user's Jira Service Management project via a Broken Authentication vulnerability in the /plugins/servlet/audit/res...
Atlassian Jira Software Data Center
4.3
CVSSv3
CVE-2021-39868
In all versions of GitLab CE/EE since version 8.12, an authenticated low-privileged malicious user may create a project with unlimited repository size by modifying values in a project export.
Gitlab Gitlab 4.3.0
Gitlab Gitlab
6.1
CVSSv3
CVE-2021-21422
mongo-express is a web-based MongoDB admin interface, written with Node.js and express. 1: As mentioned in this issue: https://github.com/mongo-express/mongo-express/issues/577, when the content of a cell grows larger than supported size, clicking on a row will show full document...
Mongo-express Project Mongo-express
Mongo-express Project Mongo-express 1.0.0
9.8
CVSSv3
CVE-2020-11548
The Search Meter plugin up to and including 2.13.2 for WordPress allows user input introduced in the search bar to be any formula. The attacker could achieve remote code execution via CSV injection if a wp-admin/index.php?page=search-meter Export is performed.
Search Meter Project Search Meter
7.5
CVSSv3
CVE-2019-13941
A vulnerability has been identified in OZW672 (All versions < V10.00), OZW772 (All versions < V10.00). Vulnerable versions of OZW Web Server use predictable path names for project files that legitimately authenticated users have created by using the application's expor...
Siemens Ozw672 Firmware
Siemens Ozw772 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »