Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
admin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-47762
In gin-vue-admin < 2.5.5, the download module has a Path Traversal vulnerability.
Gin-vue-admin Project Gin-vue-admin
685
VMScore
CVE-2008-4455
Directory traversal vulnerability in index.php in EKINdesigns MySQL Quick Admin 1.5.5 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to read and execute arbitrary files via a .. (dot dot) in the language cookie.
Mysql Quick Admin Mysql Quick Admin 1.5.5
1 EDB exploit
383
VMScore
CVE-2022-0625
The Admin Menu Editor WordPress plugin up to and including 1.0.4 does not sanitize and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
Admin Menu Editor Project Admin Menu Editor
312
VMScore
CVE-2017-12882
Stored Cross-site scripting (XSS) vulnerability in Spring Batch Admin prior to 1.3.0 allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality.
Spring Batch Admin Project Spring Batch Admin
NA
CVE-2023-41672
Cross-Site Request Forgery (CSRF) vulnerability in Rémi Leclercq Hide admin notices – Admin Notification Center plugin <= 2.3.2 versions.
Remileclercq Hide Admin Notices - Admin Notification Center Plugin
312
VMScore
CVE-2020-19704
A stored cross-site scripting (XSS) vulnerability via ResourceController.java in spring-boot-admin as of 20190710 allows malicious users to execute arbitrary web scripts or HTML.
Spring-boot-admin Project Spring-boot-admin 20190710
1000
VMScore
CVE-2017-1092
IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. IBM X-Force ID: 120390.
Ibm Informix Open Admin Tool 12.1
Ibm Informix Open Admin Tool 11.7
Ibm Informix Open Admin Tool 11.5
2 EDB exploits
NA
CVE-2022-4604
A vulnerability classified as problematic was found in wp-english-wp-admin Plugin up to 1.5.1. Affected by this vulnerability is the function register_endpoints of the file english-wp-admin.php. The manipulation leads to cross-site request forgery. The attack can be launched remo...
Wp-english-wp-admin Project Wp-english-wp-admin
NA
CVE-2023-23994
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marcel Bootsman Auto Hide Admin Bar plugin <= 1.6.1 versions.
Auto Hide Admin Bar Project Auto Hide Admin Bar
NA
CVE-2022-4043
The WP Custom Admin Interface WordPress plugin prior to 7.29 unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.
Wp Custom Admin Interface Project Wp Custom Admin Interface
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »