Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
admin vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-0649
A vulnerability has been found in dst-admin 1.5.0 and classified as critical. This vulnerability affects unknown code of the file /home/sendBroadcast. The manipulation of the argument message leads to command injection. The attack can be initiated remotely. The exploit has been d...
Dst-admin Project Dst-admin 1.5.0
6.1
CVSSv3
CVE-2018-16516
helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL.
Flask-admin Project Flask-admin 1.5.2
6.1
CVSSv3
CVE-2017-12098
An exploitable cross site scripting (XSS) vulnerability exists in the add filter functionality of the rails_admin rails gem version 1.2.0. A specially crafted URL can cause an XSS flaw resulting in an attacker being able to execute arbitrary javascript on the victim's browse...
Rails Admin Project Rails Admin 1.2.0
7.5
CVSSv3
CVE-2021-44586
An issue exists in dst-admin v1.3.0. The product has an unauthorized arbitrary file download vulnerability that can expose sensitive information.
Dst-admin Project Dst-admin 1.3.0
6.1
CVSSv3
CVE-2022-0625
The Admin Menu Editor WordPress plugin up to and including 1.0.4 does not sanitize and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
Admin Menu Editor Project Admin Menu Editor
7.5
CVSSv3
CVE-2022-47762
In gin-vue-admin < 2.5.5, the download module has a Path Traversal vulnerability.
Gin-vue-admin Project Gin-vue-admin
8.1
CVSSv3
CVE-2022-21660
Gin-vue-admin is a backstage management system based on vue and gin. In versions before 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the `setUserInfo` function. Users are advised to update as soon as possible. There are no know...
Gin-vue-admin Project Gin-vue-admin
1 Github repository
9.8
CVSSv3
CVE-2022-39305
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Versions before 2.5.4 contain a file upload ability. The affected code fails to validate fileMd5 and fileName parameters, resulting in an arbitrary file bein...
Gin-vue-admin Project Gin-vue-admin
7.5
CVSSv3
CVE-2022-39345
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Gin-vue-admin before 2.5.4 is vulnerable to path traversal, which leads to file upload vulnerabilities. Version 2.5.4 contains a patch for this issue. There ...
Gin-vue-admin Project Gin-vue-admin
8.8
CVSSv3
CVE-2023-24007
Cross-Site Request Forgery (CSRF) vulnerability in TheOnlineHero - Tom Skroza Admin Block Country plugin <= 7.1.4 versions.
Admin Block Country Project Admin Block Country
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »