Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redcap vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2019-15127
REDCap prior to 9.3.0 allows XSS attacks against non-administrator accounts on the Data Import Tool page via a CSV data import file.
Vanderbilt Redcap
NA
CVE-2023-37361
REDCap 12.0.26 LTS and 12.3.2 Standard allows SQL Injection via scheduling, repeatforms, purpose, app_title, or randomization.
Vanderbilt Redcap
355
VMScore
CVE-2019-13029
Multiple stored Cross-site scripting (XSS) issues in the admin panel and survey system in REDCap 8 prior to 8.10.20 and 9 prior to 9.1.2 allow an malicious user to inject arbitrary malicious HTML or JavaScript code into a user's web browser.
Vanderbilt Redcap
1 EDB exploit
356
VMScore
CVE-2017-7351
A SQL injection issue exists in a file upload handler in REDCap 7.x prior to 7.0.11 via a trailing substring to SendITController:upload.
Vanderbilt Redcap
1 Github repository
312
VMScore
CVE-2022-24127
A Stored Cross-Site Scripting (XSS) vulnerability exists in ProjectGeneral/edit_project_settings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title (app_title) field when editing an existing projec...
Vanderbilt Redcap 12.0.11
312
VMScore
CVE-2022-24004
A Stored Cross-Site Scripting (XSS) vulnerability exists in Messenger/messenger_ajax.php in REDCap 12.0.11. This issue allows any authenticated user to inject arbitrary code into the messenger title (aka new_title) field when editing an existing conversation. The payload executes...
Vanderbilt Redcap 12.0.11
NA
CVE-2023-38825
SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote malicious user to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php.
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5274
CVE-2024-35388
CVE-2024-35396
elevation of privilege
CVE-2021-47544
file upload
CVE-2021-47545
memory leak
CVE-2024-4956
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3