Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
narendra bhati vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-30887
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy.
Apple Macos
Apple Tvos
Apple Watchos
Apple Iphone Os
Apple Ipados
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv2
CVE-2014-8774
Cross-site scripting (XSS) vulnerability in manager/index.php in MODX Revolution 2.x prior to 2.2.15 allows remote malicious users to inject arbitrary web script or HTML via the context_key parameter.
Modx Modx Revolution 2.1.0
Modx Modx Revolution 2.1.1
Modx Modx Revolution 2.1.2
Modx Modx Revolution 2.1.3
Modx Modx Revolution 2.2.6
Modx Modx Revolution 2.2.7
Modx Modx Revolution 2.2.8
Modx Modx Revolution 2.2.9
Modx Modx Revolution 2.0.6
Modx Modx Revolution 2.0.8
Modx Modx Revolution 2.1.4
Modx Modx Revolution 2.2.0
Modx Modx Revolution 2.2.10
Modx Modx Revolution 2.2.2
Modx Modx Revolution 2.2.4
Modx Modx Revolution 2.0.0
Modx Modx Revolution 2.0.5
Modx Modx Revolution 2.0.7
Modx Modx Revolution 2.1.5
Modx Modx Revolution 2.2.1
Modx Modx Revolution 2.2.3
Modx Modx Revolution 2.2.5
1 EDB exploit
6.8
CVSSv2
CVE-2014-8773
MODX Revolution 2.x prior to 2.2.15 allows remote malicious users to bypass the cross-site request forgery (CSRF) protection mechanism by (1) omitting the CSRF token or via a (2) long string in the CSRF token parameter.
Modx Modx Revolution 2.1.2
Modx Modx Revolution 2.1.3
Modx Modx Revolution 2.1.4
Modx Modx Revolution 2.1.5
Modx Modx Revolution 2.2.8
Modx Modx Revolution 2.2.9
Modx Modx Revolution 2.0.0
Modx Modx Revolution 2.0.7
Modx Modx Revolution 2.1.0
Modx Modx Revolution 2.2.1
Modx Modx Revolution 2.2.11
Modx Modx Revolution 2.2.5
Modx Modx Revolution 2.2.7
Modx Modx Revolution 2.0.1
Modx Modx Revolution 2.0.8
Modx Modx Revolution 2.1.1
Modx Modx Revolution 2.2.0
Modx Modx Revolution 2.2.10
Modx Modx Revolution 2.2.4
Modx Modx Revolution 2.2.6
Modx Modx Revolution 2.0.3
Modx Modx Revolution 2.0.4
1 EDB exploit
5
CVSSv2
CVE-2014-8775
MODX Revolution 2.x prior to 2.2.15 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote malicious users to obtain potentially sensitive information via script access to this cookie.
Modx Modx Revolution 2.1.3
Modx Modx Revolution 2.1.4
Modx Modx Revolution 2.1.5
Modx Modx Revolution 2.2.0
Modx Modx Revolution 2.2.8
Modx Modx Revolution 2.2.9
Modx Modx Revolution 2.0.0
Modx Modx Revolution 2.0.7
Modx Modx Revolution 2.1.0
Modx Modx Revolution 2.1.2
Modx Modx Revolution 2.2.1
Modx Modx Revolution 2.2.11
Modx Modx Revolution 2.2.5
Modx Modx Revolution 2.2.7
Modx Modx Revolution 2.0.1
Modx Modx Revolution 2.0.8
Modx Modx Revolution 2.1.1
Modx Modx Revolution 2.2.10
Modx Modx Revolution 2.2.12
Modx Modx Revolution 2.2.4
Modx Modx Revolution 2.2.6
Modx Modx Revolution 2.0.3
1 EDB exploit
7.5
CVSSv2
CVE-2015-1400
SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote malicious users to execute arbitrary SQL commands via the query parameter.
Npds Revolution 13.0
1 EDB exploit
5
CVSSv2
CVE-2016-4806
Web2py versions 2.14.5 and below was affected by Local File Inclusion vulnerability, which allows a malicious intended user to read/access web server sensitive files.
Web2py Web2py
1 EDB exploit
3.5
CVSSv2
CVE-2016-4807
Web2py versions 2.14.5 and below was affected by Reflected XSS vulnerability, which allows an malicious user to perform an XSS attack on logged in user (admin).
Web2py Web2py
1 EDB exploit
6.8
CVSSv2
CVE-2016-4808
Web2py versions 2.14.5 and below was affected by CSRF (Cross Site Request Forgery) vulnerability, which allows an malicious user to trick a logged in user to perform some unwanted actions i.e An attacker can trick an victim to disable the installed application just by sending a U...
Web2py Web2py
1 EDB exploit
6.5
CVSSv2
CVE-2015-6567
Wolf CMS prior to 0.8.3.1 allows unrestricted file upload and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not validate the parameter "filename" properly. Exploitation requires a registered user who has access to upload functio...
Wolfcms Wolf Cms
2 EDB exploits
6.5
CVSSv2
CVE-2015-6568
Wolf CMS prior to 0.8.3.1 allows unrestricted file rename and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not prevent a change of a file extension to ".php" after originally using the parameter "filename" for uploadi...
Wolfcms Wolf Cms
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2