Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
popup vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2017-2785
An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to a heap based buffer overflow resulting in remote code execution. This client is ...
Pharos Popup 9.0
5
CVSSv2
CVE-2017-2786
A denial of service vulnerability exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to an out of bounds read causing a crash and a denial of service.
Pharos Popup 9.0
10
CVSSv2
CVE-2017-2788
A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to a heap based buffer overflow resulting in potential remote code execution. This client is al...
Pharos Popup 9.0
NA
CVE-2023-6000
The Popup Builder WordPress plugin prior to 4.2.3 does not prevent simple visitors from updating existing popups, and injecting raw JavaScript in them, which could lead to Stored XSS attacks.
Sygnoos Popup Builder
1 Article
7.5
CVSSv2
CVE-2020-9006
The Popup Builder plugin 2.2.8 up to and including 2.6.7.6 for WordPress is vulnerable to SQL injection (in the sgImportPopups function in sg_popup_ajax.php) via PHP Deserialization on attacker-controlled data with the attachmentUrl POST variable. This allows creation of an arbit...
Sygnoos Popup Builder
2 Github repositories
7.5
CVSSv2
CVE-2019-14695
A SQL injection vulnerability exists in the Sygnoos Popup Builder plugin prior to 3.45 for WordPress. Successful exploitation of this vulnerability would allow a remote malicious user to execute arbitrary SQL commands on the affected system via com/libs/Table.php because Subscrib...
Sygnoos Popup Builder
NA
CVE-2022-2115
The Popup Anything WordPress plugin prior to 2.1.7 does not sanitise and escape a parameter before outputting it back in a frontend page, leading to a Reflected Cross-Site Scripting
Essentialplugin Popup Anything
6.5
CVSSv2
CVE-2021-25082
The Popup Builder WordPress plugin prior to 4.0.7 does not validate and sanitise the sgpb_type parameter before using it in a require statement, leading to a Local File Inclusion issue. Furthermore, since the beginning of the string can be controlled, the issue can lead to RCE vu...
Sygnoos Popup Builder
NA
CVE-2022-29495
Cross-Site Request Forgery (CSRF) vulnerability in Sygnoos Popup Builder plugin <= 4.1.11 at WordPress allows an malicious user to update plugin settings.
Sygnoos Popup Builder
4.3
CVSSv2
CVE-2020-10196
An XSS vulnerability in the popup-builder plugin prior to 3.64.1 for WordPress allows remote malicious users to inject arbitrary JavaScript into existing popups via an unsecured ajax action in com/classes/Ajax.php. It is possible for an unauthenticated malicious user to insert ma...
Sygnoos Popup-builder
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »