Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
homepage project homepage vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv3
CVE-2022-31548
The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Homepage Project Homepage
NA
CVE-2014-3897
Cross-site scripting (XSS) vulnerability in Homepage Decorator PerlMailer 3.10 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Homepage Decorator Perlmailer Project Homepage Decorator Perlmailer
8.8
CVSSv3
CVE-2022-30998
Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress.
Homepage Product Organizer For Woocommerce Project Homepage Product Organizer For Woocommerce
6.1
CVSSv3
CVE-2017-16833
Stored cross-site scripting (XSS) vulnerability in Gemirro prior to 0.16.0 allows malicious users to inject arbitrary web script via a crafted javascript: URL in the "homepage" value of a ".gemspec" file.
Gemirro Project Gemirro
6.1
CVSSv3
CVE-2017-16792
Stored cross-site scripting (XSS) vulnerability in "geminabox" (Gem in a Box) prior to 0.13.10 allows malicious users to inject arbitrary web script via the "homepage" value of a ".gemspec" file, related to views/gem.erb and views/index.erb.
Geminabox Project Geminabox
6.1
CVSSv3
CVE-2021-28160
Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) suffers from a reflected XSS vulnerability due to unsanitized SSID value when the latter is displayed in the /repeater.html page ("Repeater Wizard" homepage section).
Acexy Wireless-n Wifi Repeater Project Acexy Wireless-n Wifi Repeater Firmware 28.08.06.1
4.3
CVSSv3
CVE-2022-46160
Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions before 14.2.99.104, project level authorizations are not properly verified when accessing the project "homepage"/dashboards. Users not authorized to access a pro...
Enalean Tuleap
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started