Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
valentin lobstein vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-30927
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows malicious users to execute arbitrary code via the racer-results.php component.
NA
CVE-2024-30928
SQL Injection vulnerability in DerbyNet v9.0 and below allows malicious users to execute arbitrary SQL commands via 'classids' Parameter in ajax/query.slide.next.inc
NA
CVE-2024-25228
Vinchin Backup and Recovery 7.2 and previous versions is vulnerable to Authenticated Remote Code Execution (RCE) via the getVerifydiyResult function in ManoeuvreHandler.class.php.
1 Github repository
NA
CVE-2024-30920
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote malicious user to execute arbitrary code via the render-document.php component.
NA
CVE-2024-30922
SQL Injection vulnerability in DerbyNet v9.0 allows a remote malicious user to execute arbitrary code via the where Clause in Award Document Rendering.
NA
CVE-2024-30929
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows malicious users to execute arbitrary code via the 'back' Parameter in playlist.php
NA
CVE-2022-35866
This vulnerability allows remote malicious users to bypass authentication on affected installations of Vinchin Backup and Recovery 6.5.0.17561. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the MySQL server. The...
Vinchin Vinchin Backup And Recovery 6.5.0.17561
NA
CVE-2024-31819
An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote malicious user to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.
1 Github repository
NA
CVE-2024-25600
This Metasploit module exploits an unauthenticated remote code execution vulnerability in the Bricks Builder Theme versions 1.9.6 and below for WordPress. The vulnerability allows attackers to execute arbitrary PHP code by leveraging a nonce leakage to bypass authentication and e...
7 Github repositories
1 Article
NA
CVE-2023-46214
In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk E...
Splunk Cloud
Splunk Splunk
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »