Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
admin vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-42280
mee-admin 1.5 is vulnerable to Directory Traversal. The download method in the CommonFileController.java file does not verify the incoming data, resulting in arbitrary file reading.
Springernature Mee-admin 1.5
6.1
CVSSv3
CVE-2020-36636
A vulnerability classified as problematic has been found in OpenMRS Admin UI Module up to 1.4.x. Affected is the function sendErrorMessage of the file omod/src/main/java/org/openmrs/module/adminui/page/controller/systemadmin/accounts/AccountPageController.java of the component Ac...
Openmrs Admin Ui Module
4.3
CVSSv3
CVE-2021-27066
Windows Admin Center Security Feature Bypass Vulnerability
Microsoft Windows Admin Center -
5.4
CVSSv3
CVE-2021-3799
grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames
Getgrav Grav-plugin-admin
5.4
CVSSv3
CVE-2023-33736
A stored cross-site scripting (XSS) vulnerability in Dcat-Admin v2.1.3-beta allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the URL parameter.
Dcatadmin Dcat Admin 2.1.3
6.1
CVSSv3
CVE-2021-4291
A vulnerability was found in OpenMRS Admin UI Module up to 1.5.x. It has been declared as problematic. This vulnerability affects unknown code of the file omod/src/main/webapp/pages/metadata/locations/location.gsp. The manipulation leads to cross site scripting. The attack can be...
Openmrs Admin Ui Module
8.8
CVSSv3
CVE-2023-28618
Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou Enhanced Plugin Admin plugin <= 1.16 versions.
Infolific Enhanced Plugin Admin
9.8
CVSSv3
CVE-2019-0813
An elevation of privilege vulnerability exists when Windows Admin Center improperly impersonates operations in certain situations, aka 'Windows Admin Center Elevation of Privilege Vulnerability'.
Microsoft Windows Admin Center
1 Article
9.1
CVSSv3
CVE-2024-24822
Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Prior to version 1.3.3, an attacker can create, delete etc. tags without having the permission to do so. A fix is available in version 1.3.3. As a workaround, one may apply the patch manually.
Pimcore Admin Classic Bundle
5.4
CVSSv3
CVE-2023-42817
Pimcore admin-ui-classic-bundle provides a Backend UI for Pimcore. The translation value with text including “%s” (from “%suggest%) is parsed by sprintf() even though it’s supposed to be output literally to the user. The translations may be accessible by a...
Pimcore Admin Classic Bundle
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »