Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
user vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-40852
SQL Injection vulnerability in Phpgurukul User Registration & Login and User Management System With admin panel 3.0 allows malicious users to obtain sensitive information via crafted string in the admin user name field on the admin log in page.
User Registration \\& Login And User Management System With Admin Panel Project User Registration \\& Login And User Management System With Admin Panel 3.0
6.1
CVSSv3
CVE-2023-34648
A Cross Site Scripting vulnerability in PHPgurukl User Registration Login and User Management System with admin panel v.1.0 allows a local malicious user to execute arbitrary code via a crafted script to the signup.php.
User Registration \\& Login And User Management System With Admin Panel Project User Registration \\& Login And User Management System With Admin Panel 1.0
5.4
CVSSv3
CVE-2023-27225
A cross-site scripting (XSS) vulnerability in User Registration & Login and User Management System with Admin Panel v3 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the first and last name field.
User Registration \\& Login And User Management System With Admin Panel Project User Registration \\& Login And User Management System With Admin Panel 3.0
8.8
CVSSv3
CVE-2020-26766
A Cross Site Request Forgery (CSRF) vulnerability exists in the loginsystem page in PHPGurukul User Registration & Login and User Management System With Admin Panel 2.1.
User Registration \\& Login And User Management System With Admin Panel Project User Registration \\& Login And User Management System With Admin Panel 2.1
NA
CVE-2013-0527
The Browser in IBM Sterling Connect:Direct 1.4 prior to 1.4.0.11 and 1.5 up to and including 1.5.0.1 does not close pages upon the timeout of a session, which allows physically proximate malicious users to obtain sensitive administrative-console information by reading the screen ...
Ibm Sterling Connect Direct User Interface 1.4.0.0
Ibm Sterling Connect Direct User Interface 1.4.0.2
Ibm Sterling Connect Direct User Interface 1.4.0.7
Ibm Sterling Connect Direct User Interface 1.4.0.10
Ibm Sterling Connect Direct User Interface 1.4.0.3
Ibm Sterling Connect Direct User Interface 1.4.0.6
Ibm Sterling Connect Direct User Interface 1.5.0.0
Ibm Sterling Connect Direct User Interface 1.5.0.1
NA
CVE-2013-0529
The Browser in IBM Sterling Connect:Direct 1.4 prior to 1.4.0.11 and 1.5 up to and including 1.5.0.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission w...
Ibm Sterling Connect Direct User Interface 1.4.0.0
Ibm Sterling Connect Direct User Interface 1.4.0.10
Ibm Sterling Connect Direct User Interface 1.4.0.6
Ibm Sterling Connect Direct User Interface 1.4.0.7
Ibm Sterling Connect Direct User Interface 1.4.0.2
Ibm Sterling Connect Direct User Interface 1.4.0.3
Ibm Sterling Connect Direct User Interface 1.5.0.0
Ibm Sterling Connect Direct User Interface 1.5.0.1
8.8
CVSSv3
CVE-2016-0732
The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 up to and including 2.7.3 and 3.0.0; UAA-Release 2 through 4, when configured with multiple identity zones; and Elastic Runtime 1.6.0 up to and including 1.6.13 allows remote authenticated users with p...
Cloudfoundry Cf-release
Cloudfoundry User Account And Authentication 2.2.5.3
Cloudfoundry User Account And Authentication 2.4.1
Cloudfoundry User Account And Authentication 2.4.0
Cloudfoundry User Account And Authentication 2.3.1.1
Cloudfoundry User Account And Authentication 2.0.2
Cloudfoundry User Account And Authentication 2.0.1
Cloudfoundry User Account And Authentication 2.0.0
Cloudfoundry User Account And Authentication 2.7.3
Cloudfoundry User Account And Authentication 2.7.2
Cloudfoundry User Account And Authentication 2.7.0.3
Cloudfoundry User Account And Authentication 2.5.2
Cloudfoundry User Account And Authentication 2.5.0
Cloudfoundry User Account And Authentication 2.2.5.2
Cloudfoundry User Account And Authentication 2.3.0
Cloudfoundry User Account And Authentication 2.2.5
Cloudfoundry User Account And Authentication 2.2.1
Cloudfoundry User Account And Authentication 2.1.0
Cloudfoundry User Account And Authentication 2.7.0.1
Cloudfoundry User Account And Authentication 2.7.0
Cloudfoundry User Account And Authentication 2.6.2
Cloudfoundry User Account And Authentication 2.6.1
4.8
CVSSv3
CVE-2023-35878
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Vadym K. Extra User Details plugin <= 0.5 versions.
Extra User Details Project Extra User Details
6.1
CVSSv3
CVE-2017-15867
Multiple cross-site scripting (XSS) vulnerabilities in the user-login-history plugin up to and including 1.5.2 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) date_from, (2) date_to, (3) user_id, (4) username, (5) country_name, (6) br...
User-login-history Project User-login-history
8.8
CVSSv3
CVE-2014-10381
The user-domain-whitelist plugin prior to 1.5 for WordPress has CSRF.
User Domain Whitelist Project User Domain Whitelist
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »