Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4826
SQL injection vulnerability in Simple PHP Shopping Cart affecting version 0.9. This vulnerability could allow an malicious user to retrieve all the information stored in the database by sending a specially crafted SQL query, due to the lack of proper sanitisation of the category_...
NA
CVE-2024-4992
Vulnerability in SiAdmin 1.1 that allows SQL injection via the /modul/mod_kuliah/aksi_kuliah.php parameter in nim. This vulnerability could allow a remote malicious user to send a specially crafted SQL query to the system and retrieve all the information stored in it.
NA
CVE-2024-3721
TBK DVR Devices Command Injection (CVE-2024-3721)
NA
CVE-2024-4838
The ConvertPlus plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.26 via deserialization of untrusted input from the 'settings_encoded' attribute of the 'smile_modal' shortcode. This makes it possible for auth...
NA
CVE-2024-35299
In JetBrains YouTrack prior to 2024.1.29548 the SMTPS protocol communication lacked proper certificate hostname validation
NA
CVE-2024-35302
In JetBrains TeamCity prior to 2023.11 stored XSS during restore from backup was possible
NA
CVE-2024-35301
In JetBrains TeamCity prior to 2024.03.1 commit status publisher didn't check project scope of the GitHub App token
NA
CVE-2024-35300
In JetBrains TeamCity between 2024.03 and 2024.03.1 several stored XSS in the available updates page were possible
NA
CVE-2024-4288
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’ parameter in versions up to, and including, 1.6.7.14 due to insufficient input sanitization and output...
NA
CVE-2024-4385
The Envo Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 1.8.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »