Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
activity vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-38832
School Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/department/index.php?view=edit&id=.
School Activity Updates With Sms Notification Project School Activity Updates With Sms Notification 1.0
NA
CVE-2022-39976
School Activity Updates with SMS Notification v1.0 exists to contain a SQL injection vulnerability via the id parameter at /modules/announcement/index.php?view=edit&id=.
School Activity Updates With Sms Notification Project School Activity Updates With Sms Notification 1.0
383
VMScore
CVE-2016-10891
The aryo-activity-log plugin prior to 2.3.3 for WordPress has XSS.
Pojo Activity Log
435
VMScore
CVE-2018-8729
Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log plugin prior to 2.4.1 for WordPress allow remote malicious users to inject arbitrary JavaScript or HTML via a title that is not escaped.
Pojo Activity Log
1 EDB exploit
490
VMScore
CVE-2017-9513
Several rest inline action resources of Atlassian Activity Streams before version 6.3.0 allows remote authenticated malicious users to watch any Confluence page & receive notifications when comments are added to the watched page, and vote & watch JIRA issues that they do ...
Atlassian Activity Streams
NA
CVE-2022-34126
The Activity plugin prior to 3.1.1 for GLPI allows reading local files via directory traversal in the front/cra.send.php file parameter.
Glpi-project Activity
383
VMScore
CVE-2016-10890
The aryo-activity-log plugin prior to 2.3.2 for WordPress has XSS.
Pojo Activity Log
NA
CVE-2023-4279
This User Activity Log WordPress plugin prior to 1.6.7 retrieves client IP addresses from potentially untrusted headers, allowing an malicious user to manipulate its value. This may be used to hide the source of malicious traffic.
Solwininfotech User Activity Log
2 Github repositories
NA
CVE-2023-5133
This user-activity-log-pro WordPress plugin prior to 2.3.4 retrieves client IP addresses from potentially untrusted headers, allowing an malicious user to manipulate its value. This may be used to hide the source of malicious traffic.
Solwininfotech User Activity Log
NA
CVE-2023-3435
The User Activity Log WordPress plugin prior to 1.6.5 does not correctly sanitise and escape several parameters before using it in a SQL statement as part of its exportation feature, allowing unauthenticated malicious users to conduct SQL injection attacks.
Solwininfotech User Activity Log
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »