Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
field test vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-37343
A path traversal vulnerability exists in Nagios XI below version 5.8.5 AutoDiscovery component and could lead to post authenticated RCE under security context of the user running Nagios.
Nagios Nagios Xi
1 Metasploit module
3.5
CVSSv2
CVE-2020-23208
A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload entered into the "Send test" field under the "Start or continue campaign" module.
Phplist Phplist 3.5.3
7.5
CVSSv2
CVE-2021-1472
Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more information about these vulnerabilities, se...
Cisco Rv160 Firmware
Cisco Rv160w Firmware
Cisco Rv260 Firmware
Cisco Rv260p Firmware
Cisco Rv260w Firmware
Cisco Rv340 Firmware
Cisco Rv340w Firmware
Cisco Rv345 Firmware
Cisco Rv345p Firmware
1 Metasploit module
7.5
CVSSv2
CVE-2021-1473
Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more information about these vulnerabilities, se...
Cisco Rv340 Firmware
Cisco Rv340w Firmware
Cisco Rv345 Firmware
Cisco Rv345p Firmware
1 Metasploit module
1 Github repository
4
CVSSv2
CVE-2021-22134
A document disclosure flaw was found in Elasticsearch versions after 7.6.0 and prior to 7.11.0 when Document or Field Level Security is used. Get requests do not properly apply security permissions when executing a query against a recently updated document. This affects documents...
Elastic Elasticsearch
Oracle Communications Cloud Native Core Automated Test Suite 1.8.0
3.5
CVSSv2
CVE-2020-29145
In Ericsson BSCS iX R18 Billing & Rating iX R18, ADMX is a web base module in BSCS iX that is vulnerable to stored XSS via the name or description field to a solutionUnitServlet?SuName=UserReferenceDataSU Access Rights Group. In most test cases, session hijacking was also pos...
Ericsson Bscs Ix R18 Billing \\& Rating Admx -
Ericsson Bscs Ix R18 Billing \\& Rating Mx -
4.3
CVSSv2
CVE-2020-16252
The Field Test gem 0.2.0 up to and including 0.3.2 for Ruby allows CSRF.
Field Test Project Field Test
3.5
CVSSv2
CVE-2019-19678
In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the generic field entry point via the Generic Test Definition field of a new Generic Test issue.
Xpand-it Xray Test Mangaement
3.5
CVSSv2
CVE-2019-19679
In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the Pre-Condition Summary entry point via the summary field of a Create Pre-Condition action for a new Test Issue.
Xpand-it Xray Test Mangaement
3.5
CVSSv2
CVE-2019-17576
An issue exists in Dolibarr 10.0.2. It has XSS via the "outgoing email setup" feature in the /admin/mails.php?action=edit URI via the "Send all emails to (instead of real recipients, for test purposes)" field.
Dolibarr Dolibarr Erp\\/crm 10.0.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »