Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vanderbilt redcap vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-37361
REDCap 12.0.26 LTS and 12.3.2 Standard allows SQL Injection via scheduling, repeatforms, purpose, app_title, or randomization.
Vanderbilt Redcap
NA
CVE-2022-42715
A reflected XSS vulnerability exists in REDCap prior to 12.04.18 in the Alerts & Notifications upload feature. A crafted CSV file will, when uploaded, trigger arbitrary JavaScript code execution.
Vanderbilt Redcap
3.5
CVSSv2
CVE-2022-24004
A Stored Cross-Site Scripting (XSS) vulnerability exists in Messenger/messenger_ajax.php in REDCap 12.0.11. This issue allows any authenticated user to inject arbitrary code into the messenger title (aka new_title) field when editing an existing conversation. The payload executes...
Vanderbilt Redcap 12.0.11
3.5
CVSSv2
CVE-2022-24127
A Stored Cross-Site Scripting (XSS) vulnerability exists in ProjectGeneral/edit_project_settings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title (app_title) field when editing an existing projec...
Vanderbilt Redcap 12.0.11
NA
CVE-2023-38825
SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote malicious user to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php.
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3