Vulmon
add user project add user vulnerabilities and exploits
5.4
CVSSv3
CVE-2022-0765
The Loco Translate WordPress plugin prior to 2.6.1 does not properly remove inline events from elements in the source translation strings before outputting them in the editor in the plugin admin panel, allowing any user with access to the plugin (Translator and Administrator by d...
Loco Translate Project Loco Translate
6.1
CVSSv3
CVE-2019-7250
An issue exists in the Cross Reference Add-on 36 for Google Docs. Stored XSS in the preview boxes in the configuration panel may allow a malicious user to use both label text and references text to inject arbitrary JavaScript code (via SCRIPT elements, event handlers, etc.). Sinc...
Cross Reference Project Cross Reference 36
5.4
CVSSv3
CVE-2022-2312
The Student Result or Employee Database WordPress plugin prior to 1.7.5 does not have CSRF in its AJAX actions, allowing malicious users to make a logged-in user with a role as low as contributor add/edit and delete students via CSRF attacks. Furthermore, due to the lack of sani...
Student Result Or Employee Database Project Student Result Or Employee Database
5.4
CVSSv3
CVE-2021-41156
anuko/timetracker is an open source time tracking system. In affected versions Time Tracker uses the browser_today hidden control on a few pages to collect today's date from user browsers. Because of not checking this parameter for sanity in versions before 1.19.30.5601, it...
Timetracker Project Timetracker
9.8
CVSSv3
CVE-2023-3599
A vulnerability was found in SourceCodester Best Fee Management System 1.0. It has been rated as critical. Affected by this issue is the function save_user of the file admin_class.php of the component Add User Handler. The manipulation leads to improper access controls. The attac...
Best Fee Management System Project Best Fee Management System 1.0
9.1
CVSSv3
CVE-2021-41647
An unauthenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable "username" parameter in login.php and retrieve sensitive database information, as well as a...
Online Food Ordering Web App Project Online Food Ordering Web App 1.0
1 Github repository
8.8
CVSSv3
CVE-2022-4290
The Cyr to Lat plugin for WordPress is vulnerable to authenticated SQL Injection via the 'ctl_sanitize_title' function in versions up to, and including, 3.5 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQ...
Cyr To Lat Project Cyr To Lat
4.8
CVSSv3
CVE-2021-21312
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before version 9.5.4, there is a vulnerability within the document upload function (Home > Management > Documents > Ad...
Glpi-project Glpi
5.4
CVSSv3
CVE-2023-1363
A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add User Account. The manipulation of the argument username leads to cross site scripting. It is possi...
Computer Parts Sales And Inventory System Project Computer Parts Sales And Inventory System 1.0
9.8
CVSSv3
CVE-2020-27304
The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload mechanism, via the mg_handle_form_request API. Web applications that use the file upload form handler, and use parts of the ...
Civetweb Project Civetweb
Siemens Sinec Infrastructure Network Services