Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
autocomplete vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2010-3256
Google Chrome prior to 6.0.472.53 does not properly limit the number of stored autocomplete entries, which has unspecified impact and attack vectors.
Google Chrome
4.3
CVSSv2
CVE-2022-0167
An issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.4.5, all versions starting from 14.5.0 prior to 14.5.3, all versions starting from 14.6.0 prior to 14.6.2. GitLab was not disabling the Autocomplete attribute of fields related to sensiti...
Gitlab Gitlab
6.5
CVSSv2
CVE-2021-28142
CITSmart prior to 9.1.2.28 mishandles the "filtro de autocomplete."
3.5
CVSSv2
CVE-2018-18717
An issue exists in Eleanor CMS through 2015-03-19. XSS exists via the ajax.php?direct=admin&file=autocomplete&query=[XSS] URI.
Eleanor-cms Eleanor Cms
4
CVSSv2
CVE-2019-18449
An issue exists in GitLab Community and Enterprise Edition prior to 12.4 in the autocomplete feature. It has Insecure Permissions (issue 2 of 2).
Gitlab Gitlab
5
CVSSv2
CVE-2010-4033
Google Chrome prior to 7.0.517.41 does not properly implement the autofill and autocomplete functionality, which allows remote malicious users to conduct "profile spamming" attacks via unspecified vectors.
Google Chrome 7.0.517.22
Google Chrome 7.0.517.23
Google Chrome 7.0.517.30
Google Chrome 7.0.517.31
Google Chrome 7.0.517.32
Google Chrome 7.0.517.39
Google Chrome 7.0.517.4
Google Chrome 7.0.517.20
Google Chrome 7.0.517.21
Google Chrome 7.0.517.28
Google Chrome 7.0.517.29
Google Chrome 7.0.517.37
Google Chrome 7.0.517.38
Google Chrome 7.0.517.8
Google Chrome 7.0.517.9
Google Chrome 7.0.517.24
Google Chrome 7.0.517.25
Google Chrome 7.0.517.33
Google Chrome 7.0.517.34
Google Chrome
Google Chrome 7.0.517.5
Google Chrome 7.0.517.26
NA
CVE-2024-3081
A vulnerability was found in EasyCorp EasyAdmin up to 4.8.9. It has been declared as problematic. Affected by this vulnerability is the function Autocomplete of the file assets/js/autocomplete.js of the component Autocomplete. The manipulation of the argument item leads to cross ...
7.5
CVSSv2
CVE-2013-4634
SQL injection vulnerability in the jQuery autocomplete for indexed_search (rzautocomplete) extension prior to 0.0.9 for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Raphael Zschorsch Rzautocomplete 0.0.2
Raphael Zschorsch Rzautocomplete 0.0.7
Raphael Zschorsch Rzautocomplete 0.0.8
Raphael Zschorsch Rzautocomplete 0.0.5
Raphael Zschorsch Rzautocomplete 0.0.6
Raphael Zschorsch Rzautocomplete 0.0.3
Raphael Zschorsch Rzautocomplete 0.0.4
4
CVSSv2
CVE-2017-2609
jenkins prior to 2.44, 2.32.2 is vulnerable to an information disclosure vulnerability in search suggestions (SECURITY-385). The autocomplete feature on the search box discloses the names of the views in its suggestions, including the ones for which the current user does not have...
Jenkins Jenkins
4.3
CVSSv2
CVE-2021-38904
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow a remote malicious user to obtain credentials from a user's browser via incorrect autocomplete settings. IBM X-Force ID: 209693.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics 11.2.0
Ibm Cognos Analytics 11.2.1
Netapp Oncommand Insight -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »