Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web project web vulnerabilities and exploits
(subscribe to this query)
4.2
CVSSv3
CVE-2022-27893
The Foundry Magritte plugin osisoft-pi-web-connector versions 0.15.0 - 0.43.0 was found to be logging in a manner that captured authentication requests. This vulnerability is resolved in osisoft-pi-web-connector version 0.44.0.
Osisoft-pi-web-connector Project Osisoft-pi-web-connector
NA
CVE-2009-2299
The Artofdefence Hyperguard Web Application Firewall (WAF) module prior to 2.5.5-11635, 3.0 prior to 3.0.3-11636, and 3.1 prior to 3.1.1-11637, a module for the Apache HTTP Server, allows remote malicious users to cause a denial of service (memory consumption) via an HTTP request...
Hyperguard Web Application Firewall Project Hyperguard Web Application Firewall
1 Github repository
6.1
CVSSv3
CVE-2021-37573
A reflected cross-site scripting (XSS) vulnerability in the web server TTiny Java Web Server and Servlet Container (TJWS) <=1.115 allows an adversary to inject malicious code on the server's "404 Page not Found" error page
Tiny Java Web Server Project Tiny Java Web Server
6.1
CVSSv3
CVE-2017-20185
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Fuzzy SWMP. It has been rated as problematic. This issue affects some unknown processing of the file swmp.php of the component GET Parameter Handler. The manipulation of the argument theme leads to cross site scripting....
Server Web Monitor Page Project Server Web Monitor Page
7.5
CVSSv3
CVE-2022-44411
Web Based Quiz System v1.0 transmits user passwords in plaintext during the authentication process, allowing malicious users to obtain users' passwords via a bruteforce attack.
Web Based Quiz System Project Web Based Quiz System 1.0
8.8
CVSSv3
CVE-2022-32991
Web Based Quiz System v1.0 exists to contain a SQL injection vulnerability via the eid parameter at welcome.php.
Web Based Quiz System Project Web Based Quiz System 1.0
NA
CVE-2014-7527
The Savage Nation Mobile Web (aka com.wSavageNation) application 0.57.13354.63350 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Savage Nation Mobile Web Project Savage Nation Mobile Web 0.57.13354.63350
6.1
CVSSv3
CVE-2021-28006
Web Based Quiz System 1.0 is affected by cross-site scripting (XSS) in admin.php through the options parameter.
Web Based Quiz System Project Web Based Quiz System 1.0
NA
CVE-2015-6944
Cross-site request forgery (CSRF) vulnerability in JSP/MySQL Administrador Web 1 allows remote malicious users to hijack the authentication of users for requests that execute arbitrary SQL commands via the cmd parameter to sys/sys/listaBD2.jsp.
Jsp/mysql Administrador Web Project Jsp/mysql Administrador Web 1.0
1 EDB exploit
NA
CVE-2015-6945
Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador Web 1 allows remote malicious users to inject arbitrary web script or HTML via the bd parameter to sys/sys/listaBD2.jsp.
Jsp/mysql Administrador Web Project Jsp/mysql Administrador Web 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »