Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-5312
PHP Server Monitor, version 3.2.0, is vulnerable to an XSS via the /phpservermon-3.2.0/vendor/phpmailer/phpmailer/test_script/index.php page in all visible parameters. An attacker could create a specially crafted URL, send it to a victim and retrieve their session details.
NA
CVE-2024-35375
There is an arbitrary file upload vulnerability on the media add .php page in the backend of the website in version 5.7.114 of DedeCMS
NA
CVE-2024-34936
A SQL injection vulnerability in /view/event1.php in Campcodes Complete Web-Based School Management System 1.0 allows an malicious user to execute arbitrary SQL commands via the month parameter.
NA
CVE-2024-34930
A SQL injection vulnerability in /model/all_events1.php in Campcodes Complete Web-Based School Management System 1.0 allows malicious user to execute arbitrary SQL commands via the month parameter.
NA
CVE-2024-5085
The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input in the 'process_entry' function. This makes it possible for unauthenticated m...
NA
CVE-2024-4471
The 140+ Widgets | Best Addons For Elementor – FREE for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.4.3.1 via deserialization of untrusted input in the 'export_content' function. This allows authenticated attackers, with con...
NA
CVE-2024-4662
The Oxygen Builder plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.8.2 via post metadata. This is due to the plugin storing custom data in post metadata without an underscore prefix. This makes it possible for lower privileged u...
NA
CVE-2024-5233
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view/teacher_salary_details3.php. The manipulation of the argument index leads to sql injection. The atta...
NA
CVE-2024-5234
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /view/teacher_salary_history1.php. The manipulation of the argument index leads to sql injection. The atta...
NA
CVE-2024-5236
A vulnerability classified as critical was found in Campcodes Complete Web-Based School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view/teacher_salary_invoice1.php. The manipulation of the argument date leads to sql injection. T...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »