Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34793
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kharim Tomlinson WP Next Post Navi allows Stored XSS.This issue affects WP Next Post Navi: from n/a up to and including 1.8.3.
NA
CVE-2024-34791
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpbean WPB Elementor Addons allows Stored XSS.This issue affects WPB Elementor Addons: from n/a up to and including 1.0.9.
NA
CVE-2024-35630
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LJ Apps WP TripAdvisor Review Slider allows Blind SQL Injection.This issue affects WP TripAdvisor Review Slider: from n/a up to and including 12.6.
NA
CVE-2024-34803
Missing Authorization vulnerability in Fastly.This issue affects Fastly: from n/a up to and including 1.2.25.
NA
CVE-2024-34832
CubeCart - Directory Traversal May Lead To RCE (CVE-2024-34832) TL;DR In the admin panel, parameters such as _g and node are used to construct the path to include .inc.php files and execute PHP code. A malicious user with the ability to upload .inc.php files anywhere on the serve...
1 Github repository
7.8
CVSSv3
CVE-2023-43542
Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked.
NA
CVE-2024-23665
Multiple improper authorization vulnerabilities [CWE-285] in FortiWeb version 7.4.2 and below, version 7.2.7 and below, version 7.0.10 and below, version 6.4.3 and below, version 6.3.23 and below may allow an authenticated malicious user to perform unauthorized ADOM operations vi...
NA
CVE-2024-23664
A URL redirection to untrusted site ('open redirect') in Fortinet FortiAuthenticator version 6.6.0, version 6.5.3 and below, version 6.4.9 and below may allow an malicious user to to redirect users to an arbitrary website via a crafted URL.
NA
CVE-2024-23668
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 up to and including 7.0.4 and 6.3.0 and 6.2.3 up to and including 6.2.4 and 6.0.2 allows malicious user to execute unauthorized code or commands via HTTP requests or CLI.
NA
CVE-2024-35635
Server-Side Request Forgery (SSRF) vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a up to and including 5.0.9.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »