Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nu11secur1ty vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-3318
attach/ajax.php in DzzOffice up to and including 2.02.1 allows XSS via the editorid parameter.
Dzzoffice Dzzoffice
7.2
CVSSv3
CVE-2021-28419
The "order_col" parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL injection, which leads to the ability to retrieve all databases.
9.8
CVSSv3
CVE-2022-24263
Hospital Management System v4.0 exists to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter.
Phpgurukul Hospital Management System 4.0
9.8
CVSSv3
CVE-2022-28452
Red Planet Laundry Management System 1.0 is vulnerable to SQL Injection.
Redplanetcomputers Laundry Management System 1.0
1 Github repository
7.8
CVSSv3
CVE-2020-0683
An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows Server 2016 1803
Microsoft Windows 10 1809
Microsoft Windows Server 2019
Microsoft Windows Server 2016 1903
Microsoft Windows 10 1903
Microsoft Windows Server 2016 1909
Microsoft Windows 10 1909
4 Github repositories
2 Articles
7.8
CVSSv3
CVE-2021-0527
In memory management driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroi...
Google Android -
6.1
CVSSv3
CVE-2021-38757
Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through contact.php.
Hospital Management System Project Hospital Management System -
5.4
CVSSv3
CVE-2021-38152
index.php/appointment/insert_patient_add_appointment in Chikitsa Patient Management System 2.0.0 allows XSS.
Chikitsa Patient Management System 2.0.0
7.2
CVSSv3
CVE-2021-27973
SQL injection exists in Piwigo prior to 11.4.0 via the language parameter to admin.php?page=languages.
8.8
CVSSv3
CVE-2021-28242
SQL Injection in the "evoadm.php" component of b2evolution v7.2.2-stable allows remote malicious users to obtain sensitive database information by injecting SQL commands into the "cf_name" parameter when creating a new filter under the "Collections" ...
B2evolution B2evolution 7.2.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »