Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-35728
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Themeisle PPOM for WooCommerce allows Code Inclusion.This issue affects PPOM for WooCommerce: from n/a up to and including 32.0.20.
NA
CVE-2024-35754
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ovic Team Ovic Importer allows Path Traversal.This issue affects Ovic Importer: from n/a up to and including 1.6.3.
NA
CVE-2024-5102
A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\SYSTEM. The vulnerability exists within the "Repair" (settings -> troubleshoo...
NA
CVE-2024-36408
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions before 7.14.4 and 8.6.1, poor input validation allows for SQL Injection in the `Alerts` controller. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
NA
CVE-2024-36407
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions before 7.14.4 and 8.6.1, a user password can be reset from an unauthenticated attacker. The attacker does not get access to the new password. But this can be annoying for the user....
NA
CVE-2024-5597
Fuji Electric Monitouch V-SFT is vulnerable to a type confusion, which could cause a crash or code execution.
NA
CVE-2024-31611
SeaCMS 12.9 has a file deletion vulnerability via admin_template.php.
NA
CVE-2024-35744
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ravidhu Dissanayake Upunzipper allows Path Traversal, File Manipulation.This issue affects Upunzipper: from n/a up to and including 1.0.0.
NA
CVE-2024-35746
Unrestricted Upload of File with Dangerous Type vulnerability in Asghar Hatampoor BuddyPress Cover allows Code Injection.This issue affects BuddyPress Cover: from n/a up to and including 2.1.4.2.
NA
CVE-2024-35743
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Siteclean SC filechecker allows Path Traversal, File Manipulation.This issue affects SC filechecker: from n/a up to and including 0.6.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »