Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-25988
In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability (notifications section) which can be directly triggered by sending an ally request to the admin.
If-me Ifme
5.4
CVSSv3
CVE-2021-25993
In Requarks wiki.js, versions 2.0.0-beta.147 to 2.5.255 are affected by Stored XSS vulnerability, where a low privileged (editor) user can upload a SVG file that contains malicious JavaScript while uploading assets in the page. That will send the JWT tokens to the attacker’...
Requarks Wiki.js 2.0.0
Requarks Wiki.js
6.1
CVSSv3
CVE-2021-26023
The Favorites component prior to 1.0.2 for Nagios XI 5.8.0 is vulnerable to XSS.
Nagios Favorites
5.3
CVSSv3
CVE-2021-26029
An issue exists in Joomla! 1.6.0 up to and including 3.9.24. Inadequate filtering of form contents could allow to overwrite the author field.
Joomla Joomla\\!
6.5
CVSSv3
CVE-2021-26034
An issue exists in Joomla! 3.0.0 up to and including 3.9.26. A missing token check causes a CSRF vulnerability in data download endpoints in com_banners and com_sysinfo.
Joomla Joomla\\!
7.5
CVSSv3
CVE-2021-26038
An issue exists in Joomla! 2.5.0 up to and including 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already.
Joomla Joomla\\!
6.1
CVSSv3
CVE-2021-26039
An issue exists in Joomla! 3.0.0 up to and including 3.9.27. Inadequate escaping in the imagelist view of com_media leads to a XSS vulnerability.
Joomla Joomla\\!
NA
CVE-2021-26042
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none
NA
CVE-2021-26046
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none
NA
CVE-2021-26048
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »