Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
text vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-31346
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blocksmarket Gradient Text Widget for Elementor allows Stored XSS.This issue affects Gradient Text Widget for Elementor: from n/a up to and including 1.0.1.
NA
CVE-2024-2471
The FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image attachment fields (such as 'Title', 'Alt Text', 'Custom URL', 'Custom Class', and 'Override Type') in all versions up to, and including, 2....
NA
CVE-2024-29182
Collabora Online is a collaborative online office suite based on LibreOffice. A stored cross-site scripting vulnerability was found in Collabora Online. An attacker could create a document with an XSS payload in document text referenced by field which, if hovered over to produce ...
NA
CVE-2024-29191
gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The links page (`links.html`) appends the `src` GET parameter (`[0]`) in all of its links for 1-click previews. The context in which `src` is being appended is `i...
NA
CVE-2024-3180
Concrete CMS version 9 below 9.2.8 and previous versions below 8.5.16 is vulnerable to Stored XSS in blocks of type file. Prior to fix, stored XSS could be caused by a rogue administrator adding malicious code to the link-text field when creating a block of type file. The Concret...
NA
CVE-2024-28782
IBM QRadar Suite Software 1.10.12.0 up to and including 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 up to and including 1.10.11.0 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 285698.
NA
CVE-2024-20848
Improper Input Validation vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local malicious users to write out-of-bounds memory.
NA
CVE-2024-30246
Tuleap is an Open Source Suite to improve management of software developments and collaboration. A malicious user could exploit this issue on purpose to delete information on the instance or possibly gain access to restricted artifacts. It is however not possible to control exact...
NA
CVE-2024-28456
Cross Site Scripting vulnerability in Campcodes Online Marriage Registration System v.1.0 allows a remote malicious user to execute arbitrary code via the text fields in the marriage registration request form.
NA
CVE-2024-28085
wall in util-linux up to and including 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are n...
1 Github repository
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »