Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
event vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-4581
IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force I...
Ibm Qradar Security Information And Event Manager
Ibm Qradar Security Information And Event Manager 7.3.2
4.3
CVSSv2
CVE-2019-4264
IBM QRadar SIEM 7.2.8 WinCollect could allow an malicious user to obtain sensitive information by spoofing a trusted entity using man in the middle techniques due to not validating or incorrectly validating a certificate. IBM X-Force ID: 160072.
Ibm Qradar Security Information And Event Manager 7.2.8
Ibm Qradar Security Information And Event Manager
4
CVSSv2
CVE-2019-4509
IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to incorrect authorization in some components which could allow an authenticated user to obtain sensitive information. IBM X-Force ID: 164430.
Ibm Qradar Security Information And Event Manager
Ibm Qradar Security Information And Event Manager 7.3.2
5
CVSSv2
CVE-2018-2022
IBM QRadar SIEM 7.2 and 7.3 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 155346.
Ibm Qradar Security Information And Event Manager 7.2.8
Ibm Qradar Security Information And Event Manager
NA
CVE-2022-3336
The Event Monster WordPress plugin prior to 1.2.0 does not have CSRF check when deleting visitors, which could allow malicious users to make logged in admin delete arbitrary visitors via a CSRF attack
Awplife Event Monster
NA
CVE-2022-3720
The Event Monster WordPress plugin prior to 1.2.0 does not validate and escape some parameters before using them in SQL statements, which could lead to SQL Injection exploitable by high privilege users
Awplife Event Monster
4.3
CVSSv2
CVE-2020-26153
A cross-site scripting (XSS) vulnerability in wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php in the Event Espresso Core plugin prior to 4.10.7.p for WordPress allows remote malicious users to inject arbitrary web scrip...
Eventespresso Event Espresso
NA
CVE-2023-47525
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in A WP Life Event Monster – Event Management, Tickets Booking, Upcoming Event allows Stored XSS.This issue affects Event Monster – Event Management, Tickets B...
Awplife Event Monster
NA
CVE-2023-49179
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N.O.U.S. Open Useful and Simple Event post allows Stored XSS.This issue affects Event post: from n/a up to and including 5.8.6.
Avecnous Event Post
5.8
CVSSv2
CVE-2021-25028
The Event Tickets WordPress plugin prior to 5.2.2 does not validate the tribe_tickets_redirect_to parameter before redirecting the user to the given value, leading to an arbitrary redirect issue
Tri Event Tickets
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »