Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
admin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-0492
Cross-site scripting (XSS) vulnerability in IBM Informix Open Admin Tool (OAT) 2.x and 3.x prior to 3.11.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Ibm Informix Open Admin Tool 3.0
Ibm Informix Open Admin Tool 2.0
8.8
CVSSv3
CVE-2021-26795
A SQL Injection vulnerability in /appliance/shiftmgn.php in TalariaX sendQuick Alert Plus Server Admin 4.3 prior to 8HF11 allows malicious users to obtain sensitive information via a Roster Time to Roster Management.
Talariax Sendquick Alert Plus Server Admin
Talariax Sendquick Alert Plus Server Admin 4.3
5.3
CVSSv3
CVE-2023-46754
The admin panel for Obl.ong prior to 1.1.2 allows authorization bypass because the email OTP feature accepts arbitrary numerical values.
Obl.ong Admin
4.3
CVSSv3
CVE-2023-49783
Silverstripe Admin provides a basic management interface for the Silverstripe Framework. In versions on the 1.x branch before 1.13.19 and on the 2.x branch before 2.1.8, users who don't have edit or delete permissions for records exposed in a `ModelAdmin` can still edit or d...
Silverstripe Admin
9.8
CVSSv3
CVE-2023-51411
Unrestricted Upload of File with Dangerous Type vulnerability in Shabti Kaplan Frontend Admin by DynamiApps.This issue affects Frontend Admin by DynamiApps: from n/a up to and including 3.18.3.
Dynamiapps Frontend Admin
NA
CVE-2012-1631
Cross-site request forgery (CSRF) vulnerability in the Admin:hover module for Drupal allows remote malicious users to hijack the authentication of administrators for requests that unpublish all nodes, and possibly other actions, via unspecified vectors.
Databasepublish Admin\\ Hover
5.4
CVSSv3
CVE-2021-24365
The Admin Columns WordPress plugin Free prior to 4.3.2 and Pro prior to 5.5.2 allowed to configure individual columns for tables. Each column had a type. The type "Custom Field" allowed to choose an arbitrary database column to display in the table. There was no escapin...
Admincolumns Admin Columns
9.8
CVSSv3
CVE-2023-4737
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hedef Tracking Admin Panel allows SQL Injection.This issue affects Admin Panel: prior to 1.2.
Hedeftakip Admin Portal
6.1
CVSSv3
CVE-2023-30782
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moyle Church Admin plugin <= 3.7.5 versions.
Churchadminplugin Church Admin
7.8
CVSSv3
CVE-2013-5582
Ammyy Admin 3.2 and previous versions stores the client ID at a fixed memory location, which might make it easier for user-assisted remote malicious users to bypass authentication by running a local program that extracts a field from the AA_v3.2.exe file.
Ammyy Ammyy Admin
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »