Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
event vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2019-4470
IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force I...
Ibm Qradar Security Information And Event Manager
Ibm Qradar Security Information And Event Manager 7.3.2
4
CVSSv2
CVE-2019-4509
IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to incorrect authorization in some components which could allow an authenticated user to obtain sensitive information. IBM X-Force ID: 164430.
Ibm Qradar Security Information And Event Manager
Ibm Qradar Security Information And Event Manager 7.3.2
4.3
CVSSv2
CVE-2019-4581
IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force I...
Ibm Qradar Security Information And Event Manager
Ibm Qradar Security Information And Event Manager 7.3.2
5
CVSSv2
CVE-2018-2022
IBM QRadar SIEM 7.2 and 7.3 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 155346.
Ibm Qradar Security Information And Event Manager 7.2.8
Ibm Qradar Security Information And Event Manager
NA
CVE-2023-0496
The HT Event WordPress plugin prior to 1.4.6 does not have CSRF check when activating plugins, which could allow malicious users to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
Hasthemes Ht Event
4.3
CVSSv2
CVE-2020-26153
A cross-site scripting (XSS) vulnerability in wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php in the Event Espresso Core plugin prior to 4.10.7.p for WordPress allows remote malicious users to inject arbitrary web scrip...
Eventespresso Event Espresso
7.5
CVSSv2
CVE-2007-1811
SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the id parameter in a show action.
Chapi Tiny Event
1 EDB exploit
NA
CVE-2022-3336
The Event Monster WordPress plugin prior to 1.2.0 does not have CSRF check when deleting visitors, which could allow malicious users to make logged in admin delete arbitrary visitors via a CSRF attack
Awplife Event Monster
NA
CVE-2022-3720
The Event Monster WordPress plugin prior to 1.2.0 does not validate and escape some parameters before using them in SQL statements, which could lead to SQL Injection exploitable by high privilege users
Awplife Event Monster
NA
CVE-2023-47525
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in A WP Life Event Monster – Event Management, Tickets Booking, Upcoming Event allows Stored XSS.This issue affects Event Monster – Event Management, Tickets B...
Awplife Event Monster
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »