Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
admin vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-24581
The Blue Admin WordPress plugin up to and including 21.06.01 does not sanitise or escape its "Logo Title" setting before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin does not have CSRF check in place when saving its setti...
Blue-admin Project Blue-admin
7.5
CVSSv2
CVE-2007-1219
PHP remote file inclusion vulnerability in actions/del.php in Admin Phorum 3.3.1a allows remote malicious users to execute arbitrary PHP code via a URL in the include_path parameter.
Admin Phorum Admin Phorum 3.3.1a
1 EDB exploit
4.3
CVSSv2
CVE-2020-24316
WP Plugin Rednumber Admin Menu v1.1 and lower does not sanitize the value of the "role" GET parameter before echoing it back out to the user. This results in a reflected XSS vulnerability that attackers can exploit with a specially crafted URL.
Admin Menu Project Admin Menu
7.5
CVSSv2
CVE-2022-27342
Link-Admin v0.0.1 exists to contain a SQL injection vulnerability via DictRest.ResponseResult().
Link-admin Project Link-admin 0.0.1
5
CVSSv2
CVE-2021-46371
antd-admin 5.5.0 is affected by an incorrect access control vulnerability. Unauthorized access to some interfaces in the foreground leads to leakage of sensitive information.
Antd-admin Project Antd-admin 5.5.0
NA
CVE-2023-43270
dst-admin v1.5.0 exists to contain a remote command execution (RCE) vulnerability via the userId parameter at /home/playerOperate.
Dst-admin Project Dst-admin 1.5.0
5.8
CVSSv2
CVE-2018-11092
An issue exists in the Admin Notes plugin 1.1 for MyBB. CSRF allows an malicious user to remotely delete all admin notes via an admin/index.php?empty=table (aka Clear Table) action.
Admin Notes Project Admin Notes 1.1
NA
CVE-2023-0646
A vulnerability classified as critical was found in dst-admin 1.5.0. Affected by this vulnerability is an unknown functionality of the file /home/cavesConsole. The manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit ha...
Dst-admin Project Dst-admin 1.5.0
NA
CVE-2023-0647
A vulnerability, which was classified as critical, has been found in dst-admin 1.5.0. Affected by this issue is some unknown functionality of the file /home/kickPlayer. The manipulation of the argument userId leads to command injection. The attack may be launched remotely. The ex...
Dst-admin Project Dst-admin 1.5.0
NA
CVE-2023-0648
A vulnerability, which was classified as critical, was found in dst-admin 1.5.0. This affects an unknown part of the file /home/masterConsole. The manipulation of the argument command leads to command injection. It is possible to initiate the attack remotely. The exploit has been...
Dst-admin Project Dst-admin 1.5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »