Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
activity vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2022-38832
School Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/department/index.php?view=edit&id=.
School Activity Updates With Sms Notification Project School Activity Updates With Sms Notification 1.0
7.2
CVSSv3
CVE-2022-38833
School Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/modstudent/index.php?view=view&id=.
School Activity Updates With Sms Notification Project School Activity Updates With Sms Notification 1.0
5.4
CVSSv3
CVE-2017-9513
Several rest inline action resources of Atlassian Activity Streams before version 6.3.0 allows remote authenticated malicious users to watch any Confluence page & receive notifications when comments are added to the watched page, and vote & watch JIRA issues that they do ...
Atlassian Activity Streams
6.1
CVSSv3
CVE-2016-10890
The aryo-activity-log plugin prior to 2.3.2 for WordPress has XSS.
Pojo Activity Log
7.5
CVSSv3
CVE-2022-34126
The Activity plugin prior to 3.1.1 for GLPI allows reading local files via directory traversal in the front/cra.send.php file parameter.
Glpi-project Activity
6.1
CVSSv3
CVE-2018-8729
Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log plugin prior to 2.4.1 for WordPress allow remote malicious users to inject arbitrary JavaScript or HTML via a title that is not escaped.
Pojo Activity Log
1 EDB exploit
6.1
CVSSv3
CVE-2016-10891
The aryo-activity-log plugin prior to 2.3.3 for WordPress has XSS.
Pojo Activity Log
4.3
CVSSv3
CVE-2020-4173
IBM Guardium Activity Insights 10.6 and 11.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be se...
Ibm Security Guardium Insights 2.0.0
Ibm Infosphere Guardium Activity Monitor 10.6
Ibm Infosphere Guardium Activity Monitor 11.0
NA
CVE-2005-1667
DataTrac Activity Console 1.1 allows remote malicious users to cause a denial of service via a long HTTP GET request.
Datatrac Activity Console 1.1
1 EDB exploit
7.5
CVSSv3
CVE-2023-5133
This user-activity-log-pro WordPress plugin prior to 2.3.4 retrieves client IP addresses from potentially untrusted headers, allowing an malicious user to manipulate its value. This may be used to hide the source of malicious traffic.
Solwininfotech User Activity Log
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »