Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34369
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GrandSlambert Login Configurator plugin <= 2.1 versions.
Login Configurator Project Login Configurator
614
VMScore
CVE-2010-2945
The default configuration of SLiM prior to 1.3.2 places ./ (dot slash) at the beginning of the default_path option, which might allow local users to gain privileges via a Trojan horse program in the current working directory, related to slim.conf and cfg.cpp.
Simone Rota Slim Simple Login Manager 1.2.1
Simone Rota Slim Simple Login Manager 1.2.0
Simone Rota Slim Simple Login Manager 1.1.0
Simone Rota Slim Simple Login Manager 1.0.0
Simone Rota Slim Simple Login Manager 1.2.5
Simone Rota Slim Simple Login Manager 1.2.3
Simone Rota Slim Simple Login Manager 1.3.0
Simone Rota Slim Simple Login Manager 1.2.6
Simone Rota Slim Simple Login Manager 1.2.4
Simone Rota Slim Simple Login Manager 1.2.2
Simone Rota Slim Simple Login Manager
187
VMScore
CVE-2014-5000
The login function in lib/lawn.rb in the lawn-login gem 0.0.7 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process.
Lawn-login Project Lawn-login 0.0.7
NA
CVE-2016-15031
A vulnerability was found in PHP-Login 1.0. It has been declared as critical. This vulnerability affects the function checkLogin of the file login/scripts/class.loginscript.php of the component POST Parameter Handler. The manipulation of the argument myusername leads to sql injec...
Php-login Project Php-login 1.0
409
VMScore
CVE-2017-20066
A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. It is possible to launch the attack on the local host. The exploit has been disclosed to the public an...
Adminer Login Project Adminer Login 1.4.4
383
VMScore
CVE-2017-15867
Multiple cross-site scripting (XSS) vulnerabilities in the user-login-history plugin up to and including 1.5.2 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) date_from, (2) date_to, (3) user_id, (4) username, (5) country_name, (6) br...
User-login-history Project User-login-history
668
VMScore
CVE-2022-0787
The Limit Login Attempts (Spam Protection) WordPress plugin prior to 5.1 does not sanitise and escape some parameters before using them in SQL statements via AJAX actions (available to unauthenticated users), leading to SQL Injections
Limit Login Attempts Project Limit Login Attempts
NA
CVE-2023-5243
The Login Screen Manager WordPress plugin up to and including 3.5.2 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for e...
Login Screen Manager Project Login Screen Manager
NA
CVE-2023-1912
The Limit Login Attempts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its lock logging feature in versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated malicious users t...
Limit Login Attempts Project Limit Login Attempts
NA
CVE-2023-4773
The WordPress Social Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wordpress_social_login_meta' shortcode in versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. T...
Wordpress Social Login Project Wordpress Social Login
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »