Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
make vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-16764
An exploitable vulnerability exists in the YAML parsing functionality in the read_yaml_file method in io_utils.py in django_make_app 0.1.3. A YAML parser can execute arbitrary Python commands resulting in command execution. An attacker can insert Python into loaded YAML to trigge...
Django Make App Project Django Make App 0.1.3
4.3
CVSSv2
CVE-2022-21672
make-ca is a utility to deliver and manage a complete PKI configuration for workstations and servers. Starting with version 0.9 and prior to version 1.10, make-ca misinterprets Mozilla certdata.txt and treats explicitly untrusted certificates like trusted ones, causing those expl...
Linuxfromscratch Make-ca
6.2
CVSSv2
CVE-2000-0151
GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to execute commands.
Gnu Make 3.77.44
NA
CVE-2023-27433
Cross-Site Request Forgery (CSRF) vulnerability in YAS Global Team Make Paths Relative plugin <= 1.3.0 versions.
Yasglobal Make Paths Relative
7.5
CVSSv2
CVE-2000-0101
The Make-a-Store OrderPage shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
Make-a-store Orderpage
6.8
CVSSv2
CVE-2007-6344
Directory traversal vulnerability in modules/cms/index.php in Mcms Easy Web Make 1.3, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the template parameter.
Mcms Easy Web Make 0
1 EDB exploit
NA
CVE-2023-40752
There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Make an Offer Widget v1.0.
Phpjabbers Make An Offer Widget 1.0
NA
CVE-2023-40767
User enumeration is found in in PHPJabbers Make an Offer Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an malicious user to determine if the user is valid or not, enabling a brute force attack with valid users.
Phpjabbers Make An Offer Widget 1.0
6.8
CVSSv2
CVE-2008-1857
Multiple directory traversal vulnerabilities in viewsource.php in Make our Life Easy (Mole) 2.1.0 allow remote malicious users to read arbitrary files via directory traversal sequences in the (1) dirn and (2) fname parameters.
Mole Make Our Life Easy 2.1.0
1 EDB exploit
7.5
CVSSv2
CVE-2017-14728
An authentication bypass was found in an unknown area of the SiteOmat source code. All SiteOmat BOS versions are affected, prior to the submission of this exploit. Also, the SiteOmat does not force administrators to switch passwords, leaving SSH and HTTP remote authentication ope...
Orpak Siteomat
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »