Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
local users vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-3026
The WP Users Exporter plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.2 via the 'Export Users' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input into profile informat...
Wp-users-exporter Project Wp-users-exporter
312
VMScore
CVE-2021-24782
The Flex Local Fonts WordPress plugin up to and including 1.0.0 does not escape the Class Name field when adding a font, which could allow hight privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Flex Local Fonts Project Flex Local Fonts
356
VMScore
CVE-2021-27999
A SQL injection vulnerability exists in the editid parameter in Local Services Search Engine Management System Project 1.0. This vulnerability gives admin users the ability to dump all data from the database.
Local Services Search Engine Management System Project Local Services Search Engine Management System 1.0
356
VMScore
CVE-2020-4649
IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace 57 could expose data to non-privleged users by not invalidating TM1Web user sessions. IBM X-Force ID: 186022.
Ibm Planning Analytics Local
641
VMScore
CVE-2017-11672
The OPC Foundation Local Discovery Server (LDS) prior to 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges.
Opcfoundation Local Discovery Server
312
VMScore
CVE-2020-4360
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...
Ibm Planning Analytics Local
383
VMScore
CVE-2020-4366
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...
Ibm Planning Analytics Local
312
VMScore
CVE-2020-4431
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...
Ibm Planning Analytics Local
383
VMScore
CVE-2020-4503
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...
Ibm Planning Analytics Local
312
VMScore
CVE-2020-4645
IBM Planning Analytics Local 2.0.0 up to and including 2.0.9.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t...
Ibm Planning Analytics Local
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »