Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
click project click - vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-7474
A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProSoft Configurator (v1.002 and prior), for the PMEPXM0100 (H) module, which could cause the execution of untrusted code when using double click to open a project file which may trigger execution of a malicious ...
Schneider-electric Pmepxm0100 Prosoft Configurator
7.5
CVSSv3
CVE-2021-32982
Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 passwords are sent as plaintext during unlocking and project transfers. An attacker who has network visibility can observe the password exchange.
Automationdirect C0-10dd1e-d Firmware
Automationdirect C0-10dd2e-d Firmware
Automationdirect C0-10dre-d Firmware
Automationdirect C0-10are-d Firmware
Automationdirect C0-11dd1e-d Firmware
Automationdirect C0-11dd2e-d Firmware
Automationdirect C0-11dre-d Firmware
Automationdirect C0-11are-d Firmware
Automationdirect C0-12dd1e-d Firmware
Automationdirect C0-12dd2e-d Firmware
Automationdirect C0-12dre-d Firmware
Automationdirect C0-12are-d Firmware
Automationdirect C0-12dd1e-1-d Firmware
Automationdirect C0-12dd2e-1-d Firmware
Automationdirect C0-12dre-1-d Firmware
Automationdirect C0-12are-1-d Firmware
Automationdirect C0-12dd1e-2-d Firmware
Automationdirect C0-12dd2e-2-d Firmware
Automationdirect C0-12dre-2-d Firmware
Automationdirect C0-12are-2-d Firmware
6.5
CVSSv3
CVE-2021-21324
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI before version 9.5.4 there is an Insecure Direct Object Reference (IDOR) on "Solutions". This vulnerability gives a...
Glpi-project Glpi
6.1
CVSSv3
CVE-2023-50630
Cross Site Scripting (XSS) vulnerability in xiweicheng TMS v.2.28.0 allows a remote malicious user to execute arbitrary code via a crafted script to the click here function.
Teamwork Management System Project Teamwork Management System 2.28.0
6.1
CVSSv3
CVE-2023-5701
A vulnerability has been found in vnotex vnote up to 3.17.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Markdown File Handler. The manipulation with the input <xss onclick="alert(1)" style=display:block&g...
Vnote Project Vnote
6.1
CVSSv3
CVE-2021-37746
textview_uri_security_check in textview.c in Claws Mail prior to 3.18.0, and Sylpheed up to and including 3.7.0, does not have sufficient link checks before accepting a click.
Claws-mail Claws-mail
Sylpheed Project Sylpheed
Fedoraproject Fedora 33
Fedoraproject Fedora 34
6.1
CVSSv3
CVE-2021-21313
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is a vulnerability in the /ajax/common.tabs.php endpoint, indeed, at least two parameters _target a...
Glpi-project Glpi
6.1
CVSSv3
CVE-2019-1010287
Timesheet Next Gen 1.5.3 and previous versions is affected by: Cross Site Scripting (XSS). The impact is: Allows an malicious user to execute arbitrary HTML and JavaScript code via a "redirect" parameter. The component is: Web login form: login.php, lines 40 and 54. The...
Timesheet Next Gen Project Timesheet Next Gen
6.1
CVSSv3
CVE-2018-1000088
Doorkeeper version 2.1.0 up to and including 4.2.5 contains a Cross Site Scripting (XSS) vulnerability in web view's OAuth app form, user authorization prompt web view that can result in Stored XSS on the OAuth Client's name will cause users interacting with it will exe...
Doorkeeper Project Doorkeeper
6.1
CVSSv3
CVE-2015-3998
Cross-site scripting (XSS) vulnerability in phpwhois 4.2.5, as used in the adsense-click-fraud-monitoring plugin 1.7.5 for WordPress, allows remote malicious users to inject arbitrary web script or HTML via the query parameter to whois.php.
Clickfraud-monitoring Adsense-click-fraud-monitoring 1.7.5
Phpwhois Project Phpwhois 4.2.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »