Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
portal vulnerabilities and exploits
(subscribe to this query)
9.9
CVSSv3
CVE-2018-1712
IBM API Connect's Developer Portal 5.0.0.0 up to and including 5.0.8.3 is vulnerable to Server Side Request Forgery. An attacker, using specially crafted input parameters can trick the server into making potentially malicious calls within the trusted network. IBM X-Force ID:...
Ibm Api Connect
9.9
CVSSv3
CVE-2018-0238
A vulnerability in the role-based resource checking functionality of the Cisco Unified Computing System (UCS) Director could allow an authenticated, remote malicious user to view unauthorized information for any virtual machine in the UCS Director end-user portal and perform any ...
Cisco Unified Computing System Director 6.5\\(0.1\\)
Cisco Unified Computing System Director 6.5\\(0.0\\)
1 Article
9.9
CVSSv3
CVE-2015-7411
The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors.
Ibm Tivoli Monitoring 6.2.3
Ibm Tivoli Monitoring 6.2.2.9
Ibm Tivoli Monitoring 6.2.2.2
Ibm Tivoli Monitoring 6.2.2.1
Ibm Tivoli Monitoring 6.2.2.6
Ibm Tivoli Monitoring 6.2.2.5
Ibm Tivoli Monitoring 6.2.2.8
Ibm Tivoli Monitoring 6.2.2.7
Ibm Tivoli Monitoring 6.2.2
Ibm Tivoli Monitoring 6.3.0
Ibm Tivoli Monitoring 6.2.2.4
Ibm Tivoli Monitoring 6.2.2.3
9.8
CVSSv3
CVE-2024-0204
Authentication bypass in Fortra's GoAnywhere MFT before 7.4.1 allows an unauthorized user to create an admin user via the administration portal.
Fortra Goanywhere Managed File Transfer 6.0.0
Fortra Goanywhere Managed File Transfer
3 Github repositories
1 Article
9.8
CVSSv3
CVE-2022-41786
Missing Authorization vulnerability in WP Job Portal WP Job Portal – A Complete Job Board.This issue affects WP Job Portal – A Complete Job Board: from n/a up to and including 2.0.1.
Wpjobportal Wp Job Portal
9.8
CVSSv3
CVE-2024-0182
A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ of the component Admin Login. The manipulation of the argument username/password leads to sql injection. Th...
Janobe Engineers Online Portal 1.0
9.8
CVSSv3
CVE-2023-49688
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtUser' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database.
Kashipara Job Portal 1.0
9.8
CVSSv3
CVE-2023-49689
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'JobId' parameter of the Employer/DeleteJob.php resource does not validate the characters received and they are sent unfiltered to the database.
Kashipara Job Portal 1.0
9.8
CVSSv3
CVE-2023-49677
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database.
Kashipara Job Portal 1.0
9.8
CVSSv3
CVE-2023-49681
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database.
Kashipara Job Portal 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »