Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
website vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-2765
A vulnerability was found in SourceCodester Company Website CMS 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard/settings. The manipulation leads to improper authentication. The attack can be launched remotel...
Company Website Cms Project Company Website Cms 1.0
5.4
CVSSv3
CVE-2022-2769
A vulnerability, which was classified as problematic, has been found in SourceCodester Company Website CMS. This issue affects some unknown processing of the file /dashboard/contact. The manipulation of the argument phone leads to cross site scripting. The attack may be initiated...
Company Website Cms Project Company Website Cms 1.0
9.8
CVSSv3
CVE-2022-40087
Simple College Website v1.0 exists to contain an arbitrary file write vulnerability via the function file_put_contents(). This vulnerability allows malicious users to execute arbitrary code via a crafted PHP file.
Simple College Website Project Simple College Website 1.0
6.1
CVSSv3
CVE-2022-40088
Simple College Website v1.0 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /college_website/index.php?page=. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the page p...
Simple College Website Project Simple College Website 1.0
9.8
CVSSv3
CVE-2022-40089
A remote file inclusion (RFI) vulnerability in Simple College Website v1.0 allows malicious users to execute arbitrary code via a crafted PHP file. This vulnerability is exploitable when the directive allow_url_include is set to On.
Simple College Website Project Simple College Website 1.0
9.8
CVSSv3
CVE-2022-45526
SQL Injection vulnerability in Future-Depth Institutional Management Website (IMS) 1.0, allows malicious users to execute arbitrary commands via the ad parameter to /admin_area/login_transfer.php.
Institutional Management Website Project Institutional Management Website 1.0
9.8
CVSSv3
CVE-2022-45527
File upload vulnerability in Future-Depth Institutional Management Website (IMS) 1.0, allows unauthorized malicious users to directly upload malicious files to the courseimg directory.
Institutional Management Website Project Institutional Management Website 1.0
9.8
CVSSv3
CVE-2023-5014
A vulnerability was found in Sakshi2610 Food Ordering Website 1.0 and classified as critical. This issue affects some unknown processing of the file categoryfood.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has...
Food Ordering Website Project Food Ordering Website 1.0
7.2
CVSSv3
CVE-2023-5919
A vulnerability was found in SourceCodester Company Website CMS 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /dashboard/createblog of the component Create Blog Page. The manipulation leads to unrestricted upload. The attack m...
Company Website Cms Project Company Website Cms 1.0
9.8
CVSSv3
CVE-2021-45255
The email parameter from ajax.php of Video Sharing Website 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's load_file function with a UNC file path that references a URL on an external domain. The application interac...
Video Sharing Website Project Video Sharing Website 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »