Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnspy vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-12895
WordPress up to and including 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. This is related to missing filename vali...
Wordpress Wordpress
Debian Debian Linux 9.0
Debian Debian Linux 8.0
1 Github repository
8.8
CVSSv3
CVE-2017-1000499
phpMyAdmin versions 4.7.x (before 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc.
Phpmyadmin Phpmyadmin
1 EDB exploit
1 Github repository
8.8
CVSSv3
CVE-2018-12613
An issue exists in phpMyAdmin 4.8.x prior to 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pa...
Phpmyadmin Phpmyadmin
3 EDB exploits
17 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started