Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
javier olmedo vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-7400
Rukovoditel prior to 2.4.1 allows XSS.
Rukovoditel Rukovoditel
1 EDB exploit
3.5
CVSSv2
CVE-2020-9038
Joplin up to and including 1.0.184 allows Arbitrary File Read via XSS.
Joplin Project Joplin
1 EDB exploit
1 Github repository
6
CVSSv2
CVE-2019-15092
The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the user_url, display_name, first_name, and last_name columns in an exported CSV file created by the WF_CustomerImpExpCsv_Exporter class.
Webtoffee Import Export Wordpress Users
1 EDB exploit
3.5
CVSSv2
CVE-2018-13832
Multiple Persistent cross-site scripting (XSS) issues in the Techotronic all-in-one-favicon (aka All In One Favicon) plugin 4.6 for WordPress allow remote malicious users to inject arbitrary web script or HTML via Apple-Text, GIF-Text, ICO-Text, PNG-Text, or JPG-Text.
Techotronic All In One Favicon
1 EDB exploit
3.5
CVSSv2
CVE-2018-15917
Persistent cross-site scripting (XSS) issues in Jorani 0.6.5 allow remote malicious users to inject arbitrary web script or HTML via the language parameter to session/language.
Jorani Project Jorani 0.6.5
1 EDB exploit
5.5
CVSSv2
CVE-2018-15918
An issue exists in Jorani 0.6.5. SQL Injection (error-based) allows a user of the application without permissions to read and modify sensitive information from the database used by the application via the startdate or enddate parameter to leaves/validate.
Jorani Project Jorani 0.6.5
1 EDB exploit
7.5
CVSSv2
CVE-2018-18923
AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabilities through the parameters name, category_id and description in action/addproject.php; kind_id, priority_id, project_id, status_id and title in action/addticket.php; and kind_id and status_id in reports.php.
Abisoftgt Ticketly 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2018-19828
Artica Integria IMS 5.0.83 has XSS via the search_string parameter.
Artica Integria Ims 5.0.83
7.5
CVSSv2
CVE-2018-15873
A SQL Injection issue exists in Sentrifugo 3.2 via the deptid parameter.
Sapplica Sentrifugo 3.2
5.5
CVSSv2
CVE-2019-19031
Easy XML Editor through v1.7.8 is affected by: XML External Entity Injection. The impact is: Arbitrary File Read and DoS by consuming resources. The component is: XML Parsing. The attack vector is: Specially crafted XML payload.
Edit-xml Easy Xml Editor
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »