Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog project vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2740
A vulnerability was found in SourceCodester Company Website CMS. It has been declared as critical. This vulnerability affects unknown code of the file /dashboard/add-blog.php of the component Add Blog. The manipulation of the argument ufile leads to unrestricted upload. The attac...
Company Website Cms Project Company Website Cms -
NA
CVE-2021-41731
Cross Site Scripting (XSS vulnerability exists in )Sourcecodester News247 News Magazine (CMS) PHP 5.6 or higher and MySQL 5.7 or higher via the blog category name field
News247 News Magazine \\(cms\\) Project News247 News Magazine \\(cms\\) 1.0
NA
CVE-2023-6019
A command injection existed in Ray's cpu_profile URL parameter allowing malicious users to execute os commands on the system running the ray dashboard remotely without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here: htt...
Ray Project Ray -
4 Github repositories
2 Articles
NA
CVE-2023-5919
A vulnerability was found in SourceCodester Company Website CMS 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /dashboard/createblog of the component Create Blog Page. The manipulation leads to unrestricted upload. The attack m...
Company Website Cms Project Company Website Cms 1.0
4.3
CVSSv2
CVE-2022-2144
The Jquery Validation For Contact Form 7 WordPress plugin prior to 5.3 does not have CSRF check in place when updating its settings, which could allow malicious users to make a logged in admin change Blog options like default_role, users_can_register via a CSRF attack
Jquery Validation For Contact Form 7 Project Jquery Validation For Contact Form 7
3.5
CVSSv2
CVE-2021-24418
The Smooth Scroll Page Up/Down Buttons WordPress plugin up to and including 1.4 does not properly sanitise and validate its psb_positioning settings, allowing high privilege users such as admin to set an XSS payload in it, which will be executed in all pages of the blog
Smooth Scroll Page Up\\/down Buttons Project Smooth Scroll Page Up\\/down Buttons
5.8
CVSSv2
CVE-2016-5672
Intel Crosswalk prior to 19.49.514.5, 20.x prior to 20.50.533.11, 21.x prior to 21.51.546.0, and 22.x prior to 22.51.549.0 interprets a user's acceptance of one invalid X.509 certificate to mean that all invalid X.509 certificates should be accepted without prompting, which ...
Intel Crosswalk
7.5
CVSSv2
CVE-2017-11430
OmniAuth OmnitAuth-SAML 1.9.0 and previous versions may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to p...
Omnitauth-saml Project Omnitauth-saml
4.3
CVSSv2
CVE-2010-1619
Cross-site scripting (XSS) vulnerability in the fix_non_standard_entities function in the KSES HTML text cleaning library (weblib.php), as used in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8, allows remote malicious users to inject arbitrary web script or HTML via craft...
Moodle Moodle 1.8.8
Moodle Moodle 1.8.7
Moodle Moodle 1.8.1
Moodle Moodle 1.8.3
Moodle Moodle 1.9.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.4
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.8.9
Moodle Moodle 1.8.6
Moodle Moodle 1.8.10
Moodle Moodle 1.8.11
Moodle Moodle 1.9.4
Moodle Moodle 1.9.7
NA
CVE-2201-4428
Log4j Vulnerability - Proof-of-concept This repo has the source for a sample Java app that suffers from CVE-2201-4428. Follow this blog to understand how all of this is tied together. Vulnerability Apache Log4j is a Java-based logging utility. It is part of the Apache Logging Se...
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »