Vulmon
sanitize project sanitize vulnerabilities and exploits
6.1
CVSSv3
CVE-2021-3486
GLPi 9.5.4 does not sanitize the metadata. This makes it possible to insert XSS into plugins to execute JavaScript code.
Glpi-project Glpi 9.5.4
6.1
CVSSv3
CVE-2017-8551
An elevation of privilege vulnerability exists when Microsoft SharePoint software fails to properly sanitize specially crafted requests, aka "Microsoft SharePoint XSS vulnerability".
Microsoft Project Server 2013
9.8
CVSSv3
CVE-2017-1002022
Vulnerability in WordPress plugin surveys v1.01.8: the code in questions.php does not sanitize the survey variable before placing it inside of an SQL query.
Surveys Project Surveys 1.01.8
9.8
CVSSv3
CVE-2017-1002020
Vulnerability in WordPress plugin surveys v1.01.8: the code in survey_form.php does not sanitize the action variable before placing it inside of an SQL query.
Surveys Project Surveys 1.01.8
9.8
CVSSv3
CVE-2017-1002021
Vulnerability in WordPress plugin surveys v1.01.8: the code in individual_responses.php does not sanitize the survey_id variable before placing it inside of an SQL query.
Surveys Project Surveys 1.01.8
6.1
CVSSv3
CVE-2022-0621
The dTabs WordPress plugin up to and including 1.4 does not sanitize and escape the tab parameter before outputting it back in an admin page, leading to Reflected Cross-Site Scripting.
Dtabs Project Dtabs
9.8
CVSSv3
CVE-2017-1002018
Vulnerability in WordPress plugin eventr v1.02.2: the edit.php form and attendees.php code do not sanitize input, which allows for blind SQL injection via the event parameter.
Eventr Project Eventr 1.02.2
9.8
CVSSv3
CVE-2017-1002019
Vulnerability in WordPress plugin eventr v1.02.2: the edit.php form and event_form.php code do not sanitize input, which allows for blind SQL injection via the event parameter.
Eventr Project Eventr 1.02.2
9.8
CVSSv3
CVE-2019-10781
In schema-inspector prior to 1.6.9, a maliciously crafted JavaScript object can bypass the `sanitize()` and `validate()` functions used within schema-inspector.
Schema-inspector Project Schema-inspector
7.3
CVSSv3
CVE-2019-16682
The url_redirect (aka URL redirect) extension up to and including 1.2.1 for TYPO3 fails to properly sanitize user input and is susceptible to SQL Injection.
Url Redirect Project Url Redirect