Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
website vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2018-20631
PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file.
Website Seller Script Project Website Seller Script 2.0.5
7.2
CVSSv3
CVE-2023-5919
A vulnerability was found in SourceCodester Company Website CMS 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /dashboard/createblog of the component Create Blog Page. The manipulation leads to unrestricted upload. The attack m...
Company Website Cms Project Company Website Cms 1.0
5.4
CVSSv3
CVE-2018-20530
PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a Profile field such as Company Address, a related issue to CVE-2018-15896.
Website Seller Script Project Website Seller Script 2.0.5
8.8
CVSSv3
CVE-2022-30014
Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site Request Forgery (CSRF) which allows anyone to takeover admin/moderater account.
Simple Food Website Project Simple Food Website 1.0
5.4
CVSSv3
CVE-2022-30015
In Simple Food Website 1.0, a moderation can put the Cross Site Scripting Payload in any of the fields on http://127.0.0.1:1234/food/admin/all_users.php like Full Username, etc .This causes stored xss.
Simple Food Website Project Simple Food Website 1.0
9.8
CVSSv3
CVE-2017-17607
CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail.
Cms Auditor Website Project Cms Auditor Website 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2022-2765
A vulnerability was found in SourceCodester Company Website CMS 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard/settings. The manipulation leads to improper authentication. The attack can be launched remotel...
Company Website Cms Project Company Website Cms 1.0
9.8
CVSSv3
CVE-2022-26283
Simple Subscription Website v1.0 exists to contain a SQL injection vulnerability via the id parameter in the view_plan endpoint. This vulnerability allows malicious users to dump the application's database via crafted HTTP requests.
Simple Subscription Website Project Simple Subscription Website 1.0
9.8
CVSSv3
CVE-2022-40089
A remote file inclusion (RFI) vulnerability in Simple College Website v1.0 allows malicious users to execute arbitrary code via a crafted PHP file. This vulnerability is exploitable when the directive allow_url_include is set to On.
Simple College Website Project Simple College Website 1.0
8.1
CVSSv3
CVE-2021-44593
Simple College Website 1.0 is vulnerable to unauthenticated file upload & remote code execution via UNION-based SQL injection in the username parameter on /admin/login.php.
Simple College Website Project Simple College Website 1.0
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »