Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
simple fields project simple fields vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2015-9302
The simple-fields plugin prior to 1.4.11 for WordPress has XSS.
Simple Fields Project Simple Fields
8.8
CVSSv3
CVE-2013-7476
The simple-fields plugin prior to 1.2 for WordPress has CSRF in the admin interface.
Simple Fields Project Simple Fields
7.5
CVSSv3
CVE-2020-5766
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in SRS Simple Hits Counter Plugin for WordPress 1.0.3 and 1.0.4 allows a remote, unauthenticated malicious user to determine the value of database fields.
Srs Simple Hits Counter Project Srs Simple Hits Counter 1.0.3
Srs Simple Hits Counter Project Srs Simple Hits Counter 1.0.4
5.4
CVSSv3
CVE-2022-30015
In Simple Food Website 1.0, a moderation can put the Cross Site Scripting Payload in any of the fields on http://127.0.0.1:1234/food/admin/all_users.php like Full Username, etc .This causes stored xss.
Simple Food Website Project Simple Food Website 1.0
5.4
CVSSv3
CVE-2021-43657
A Stored Cross-site scripting (XSS) vulnerability via MAster.php in Sourcecodetester Simple Client Management System (SCMS) 1.0 allows remote malicious users to inject arbitrary web script or HTML via the vulnerable input fields.
Simple Client Management System Project Simple Client Management System 1.0
1 Github repository
7.5
CVSSv3
CVE-2022-1801
The Very Simple Contact Form WordPress plugin prior to 11.6 exposes the solution to the captcha in the rendered contact form, both as hidden input fields and as plain text in the page, making it very easy for bots to bypass the captcha check, rendering the page a likely target fo...
Very Simple Contact Form Project Very Simple Contact Form
9.8
CVSSv3
CVE-2023-1792
A vulnerability was found in SourceCodester Simple Mobile Comparison Website 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/fields/manage_field.php of the component GET Parameter Handler. The manipulation of the argument id...
Simple Mobile Comparison Website Project Simple Mobile Comparison Website 1.0
4.8
CVSSv3
CVE-2022-32987
Multiple cross-site scripting (XSS) vulnerabilities in /bsms/?page=manage_account of Simple Bakery Shop Management System v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Username or Full Name fields.
Simple Bakery Shop Management System Project Simple Bakery Shop Management System 1.0
5.3
CVSSv3
CVE-2018-10995
SchedMD Slurm prior to 17.02.11 and 17.1x.x prior to 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields).
Schedmd Slurm 17.11.3.2
Schedmd Slurm 17.11.4.1
Schedmd Slurm 17.11.5.1
Schedmd Slurm 17.11.6.1
Schedmd Slurm 17.11.0.0
Schedmd Slurm 17.11.0.1
Schedmd Slurm 17.11.1.2
Schedmd Slurm 17.11.3.1
Schedmd Slurm
Schedmd Slurm 17.11.1.1
Schedmd Slurm 17.11.2.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
9.8
CVSSv3
CVE-2018-7033
SchedMD Slurm prior to 17.02.10 and 17.11.x prior to 17.11.5 allows SQL Injection attacks against SlurmDBD.
Schedmd Slurm
Schedmd Slurm 17.11.0.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started