Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
homepage project homepage vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv3
CVE-2022-31548
The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Homepage Project Homepage
8.8
CVSSv3
CVE-2022-30998
Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress.
Homepage Product Organizer For Woocommerce Project Homepage Product Organizer For Woocommerce
6.1
CVSSv3
CVE-2017-16833
Stored cross-site scripting (XSS) vulnerability in Gemirro prior to 0.16.0 allows malicious users to inject arbitrary web script via a crafted javascript: URL in the "homepage" value of a ".gemspec" file.
Gemirro Project Gemirro
6.1
CVSSv3
CVE-2017-16792
Stored cross-site scripting (XSS) vulnerability in "geminabox" (Gem in a Box) prior to 0.13.10 allows malicious users to inject arbitrary web script via the "homepage" value of a ".gemspec" file, related to views/gem.erb and views/index.erb.
Geminabox Project Geminabox
4.3
CVSSv3
CVE-2022-46160
Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions before 14.2.99.104, project level authorizations are not properly verified when accessing the project "homepage"/dashboards. Users not authorized to access a pro...
Enalean Tuleap
NA
CVE-2014-3897
Cross-site scripting (XSS) vulnerability in Homepage Decorator PerlMailer 3.10 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Homepage Decorator Perlmailer Project Homepage Decorator Perlmailer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started