Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web project web vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-32991
Web Based Quiz System v1.0 exists to contain a SQL injection vulnerability via the eid parameter at welcome.php.
Web Based Quiz System Project Web Based Quiz System 1.0
9.8
CVSSv3
CVE-2022-35422
Web Based Quiz System v1.0 exists to contain a SQL injection vulnerability via the qid parameter at update.php.
Web Based Quiz System Project Web Based Quiz System 1.0
NA
CVE-2015-6945
Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador Web 1 allows remote malicious users to inject arbitrary web script or HTML via the bd parameter to sys/sys/listaBD2.jsp.
Jsp\\/mysql Administrador Web Project Jsp\\/mysql Administrador Web 1.0
1 EDB exploit
6.1
CVSSv3
CVE-2021-28006
Web Based Quiz System 1.0 is affected by cross-site scripting (XSS) in admin.php through the options parameter.
Web Based Quiz System Project Web Based Quiz System 1.0
6.1
CVSSv3
CVE-2021-28007
Web Based Quiz System 1.0 is affected by cross-site scripting (XSS) in register.php through the name parameter.
Web Based Quiz System Project Web Based Quiz System 1.0
NA
CVE-2014-7527
The Savage Nation Mobile Web (aka com.wSavageNation) application 0.57.13354.63350 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Savage Nation Mobile Web Project Savage Nation Mobile Web 0.57.13354.63350
NA
CVE-2014-5770
The Web Browser for Android (aka explore.web.browser) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Web Browser For Android Project Web Browser For Android 1.2
NA
CVE-2015-6944
Cross-site request forgery (CSRF) vulnerability in JSP/MySQL Administrador Web 1 allows remote malicious users to hijack the authentication of users for requests that execute arbitrary SQL commands via the cmd parameter to sys/sys/listaBD2.jsp.
Jsp\\/mysql Administrador Web Project Jsp\\/mysql Administrador Web 1.0
1 EDB exploit
5.4
CVSSv3
CVE-2023-23701
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Andrew @ Geeenville Web Design Easy Sign Up plugin <= 3.4.1 versions.
Web Design Easy Sign Up Project Web Design Easy Sign Up
9.8
CVSSv3
CVE-2022-3414
A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been classified as critical. Affected is an unknown function of the file /Admin/login.php of the component POST Parameter Handler. The manipulation of the argument txtusername leads to sql inje...
Web-based Student Clearance System Project Web-based Student Clearance System -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »