Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
note press vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2022-1689
The Note Press WordPress plugin up to and including 0.1.10 does not sanitise and escape the Update parameter before using it in a SQL statement when updating a note via the admin dashboard, leading to an SQL injection
Datainterlock Note Press
4
CVSSv2
CVE-2022-1690
The Note Press WordPress plugin up to and including 0.1.10 does not sanitise and escape the ids from the bulk actions before using them in a SQL statement in an admin page, leading to an SQL injection
Datainterlock Note Press
7.5
CVSSv2
CVE-2017-18548
The note-press plugin prior to 0.1.2 for WordPress has SQL injection.
Datainterlock Note Press
4
CVSSv2
CVE-2022-1688
The Note Press WordPress plugin up to and including 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statement via the admin dashboard, leading to SQL Injections
Datainterlock Note Press
6.9
CVSSv2
CVE-2010-5206
Multiple untrusted search path vulnerabilities in e-press ONE Office E-NoteTaker and E-Zip allow local users to gain privileges via a Trojan horse (1) mfc71enu.dll or (2) mfc71loc.dll file in the current working directory, as demonstrated by a directory that contains a .txt, .rar...
E-press One Office E-notetaker -
E-press One Office E-zip -
5
CVSSv2
CVE-2006-3272
Cross-site request forgery (CSRF) vulnerability in menu.php in Some Chess 1.5 rc2 allows remote malicious users to conduct actions as another user, such as changing usernames and passwords, via unspecified vectors. NOTE: the provenance of this information is unknown; the details ...
Astrodog Press Some Chess 1.5 Rc2
6.9
CVSSv2
CVE-2010-5205
Multiple untrusted search path vulnerabilities in e-press ONE Office Author allow local users to gain privileges via a Trojan horse (1) java_msci.dll or (2) msci_java.dll file in the current working directory, as demonstrated by a directory that contains a .psw file. NOTE: some o...
E-press One Office Author -
4.3
CVSSv2
CVE-2020-15501
Smarter Coffee Maker prior to 2nd generation allows firmware replacement without authentication or authorization. User interaction is required to press a button. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Smarter Smarter Coffee Maker 1st Generation -
3.3
CVSSv2
CVE-2019-13053
Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a "magic" key combination while sniffing cryptographic data from a Radio Frequency transmission. NOTE: this issue exists because of an incomplete fix for CVE-2016-10761.
Logitech Unifying Receiver Firmware -
6 Github repositories
6.4
CVSSv2
CVE-2002-2311
Microsoft Internet Explorer 6.0 and possibly others allows remote malicious users to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that th...
Microsoft Internet Explorer 5.0
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
Opera Software Opera Web Browser 6.0.1
Microsoft Internet Explorer 5.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »