Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-23738
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Brainstorm Force Spectra allows Content Spoofing, Phishing.This issue affects Spectra: from n/a up to and including 2.3.0.
NA
CVE-2023-24373
External Control of Assumed-Immutable Web Parameter vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Manipulating Hidden Fields.This issue affects Booking calendar, Appointment Booking System: from n/a up to and including 3.2.3.
NA
CVE-2023-26521
Missing Authorization vulnerability in CodePeople Search in Place allows Functionality Misuse.This issue affects Search in Place: from n/a up to and including 1.0.104.
NA
CVE-2023-26523
Missing Authorization vulnerability in CodePeople Calculated Fields Form allows Functionality Misuse.This issue affects Calculated Fields Form: from n/a up to and including 1.1.120.
NA
CVE-2023-27437
Missing Authorization vulnerability in Event Espresso Event Espresso 4 Decaf allows Functionality Misuse.This issue affects Event Espresso 4 Decaf: from n/a up to and including 4.10.44.Decaf.
NA
CVE-2023-23735
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Brainstorm Force Spectra allows Code Injection.This issue affects Spectra: from n/a up to and including 2.3.0.
NA
CVE-2023-23730
Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force Spectra allows Functionality Bypass.This issue affects Spectra: from n/a up to and including 2.3.0.
NA
CVE-2024-36782
TOTOLINK CP300 V2.0.4-B20201102 exists to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows malicious users to log in as root.
NA
CVE-2024-34051
A Reflected Cross-site scripting (XSS) vulnerability located in htdocs/compta/paiement/card.php of Dolibarr prior to 19.0.2 allows remote malicious users to inject arbitrary web script or HTML via a crafted payload injected into the facid parameter.
NA
CVE-2024-34987
A SQL Injection vulnerability exists in the `ofrs/admin/index.php` script of PHPGurukul Online Fire Reporting System 1.2. The vulnerability allows malicious users to bypass authentication and gain unauthorized access by injecting SQL commands into the username input field during ...
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »