Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dw. vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-4408
The DW Question & Answer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.8. This is due to missing or incorrect nonce validation on the update_answer() function. This makes it possible for unauthenticated malicious users ...
Designwall Dw Question \\& Answer
5
CVSSv2
CVE-2010-1302
Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote malicious users to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
Decryptweb Com Dwgraphs 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2019-19112
The wpForo plugin 1.6.5 for WordPress allows XSS involving the wpf-dw-td-value class of dashboard.php.
Gvectors Wpforo 1.6.5
3.5
CVSSv2
CVE-2018-19892
DomainMOD up to and including 4.11.01 has XSS via the admin/dw/add-server.php DisplayName, HostName, or UserName field.
Domainmod Domainmod
NA
CVE-2024-27408
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the eDMA controller register. If the doorbell regi...
NA
CVE-2024-27409
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the HDMA controller register. If the doorbell regi...
NA
CVE-2023-44122
The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings ("com.lge.lockscreensettings") app in the "com/lge/lockscreensettings/dynamicwallpaper/MyCategoryGuideActivity.java" file. The main problem is that the app launche...
Google Android 12.0
Google Android 13.0
NA
CVE-2021-47165
In the Linux kernel, the following vulnerability has been resolved: drm/meson: fix shutdown crash when component not probed When main component is not probed, by example when the dw-hdmi module is not loaded yet or in probe defer, the following crash appears on shutdown: Unable t...
4.3
CVSSv2
CVE-2004-2509
Cross-site scripting (XSS) vulnerabilities in (1) calendar.php, (2) login.php, and (3) online.php in Infopop UBB.Threads 6.2.3 and 6.5 allow remote malicious users to inject arbitrary web script or HTML via the Cat parameter.
Ubbcentral Ubb.threads 6.2.3
Ubbcentral Ubb.threads 6.5
3 EDB exploits
4.3
CVSSv2
CVE-2004-2510
Cross-site scripting (XSS) vulnerability in showflat.php in Infopop UBB.Threads prior to 6.5 allows remote malicious users to inject arbitrary web script or HTML via the Cat parameter.
Ubbcentral Ubb.threads 6.0
Ubbcentral Ubb.threads 6.2.2
Ubbcentral Ubb.threads 6.2.3
Ubbcentral Ubb.threads 6.4.4
Ubbcentral Ubb.threads 6.1
Ubbcentral Ubb.threads 6.1.1
Ubbcentral Ubb.threads 6.4
Ubbcentral Ubb.threads 6.4.1
Ubbcentral Ubb.threads 6.2
Ubbcentral Ubb.threads 6.2.1
Ubbcentral Ubb.threads 6.4.2
Ubbcentral Ubb.threads 6.4.3
Ubbcentral Ubb.threads 6.0.1
Ubbcentral Ubb.threads 6.0.2
Ubbcentral Ubb.threads 6.0.3
Ubbcentral Ubb.threads 6.3
Ubbcentral Ubb.threads 6.3.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2