Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
api vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-3209
The MStore API WordPress plugin prior to 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.
Inspireui Mstore Api
NA
CVE-2023-3131
The MStore API WordPress plugin prior to 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.
Inspireui Mstore Api
445
VMScore
CVE-2018-2013
IBM API Connect 2018.1 up to and including 2018.4.1.5 could disclose sensitive information to an unauthorized user that could aid in further attacks against the system. IBM X-Force ID: 155193.
Ibm Api Connect
445
VMScore
CVE-2021-29620
Report portal is an open source reporting and analysis framework. Starting from version 3.1.0 of the service-api XML parsing was introduced. Unfortunately the XML parser was not configured properly to prevent XML external entity (XXE) attacks. This allows a user to import a speci...
Reportportal Service-api
570
VMScore
CVE-2021-29715
IBM API Connect 5.0.0.0 up to and including 5.0.8.11 could alllow a remote user to obtain sensitive information or conduct denial of serivce attacks due to open ports. IBM X-Force ID: 201018.
Ibm Api Connect
578
VMScore
CVE-2021-32829
ZStack is open source IaaS(infrastructure as a service) software aiming to automate datacenters, managing resources of compute, storage, and networking all by APIs. Affected versions of ZStack REST API are vulnerable to post-authentication Remote Code Execution (RCE) via bypass o...
Zstack Rest Api
605
VMScore
CVE-2018-1858
IBM API Connect 5.0.0.0 up to and including 5.0.8.6 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 151256.
Ibm Api Connect
312
VMScore
CVE-2018-1599
IBM API Connect 5.0.0.0 up to and including 5.0.8.3 could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions ...
Ibm Api Connect
NA
CVE-2023-3077
The MStore API WordPress plugin prior to 3.9.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to a Blind SQL injection exploitable by unauthenticated users. This is only exploitable if the site owner elected to pay to get access to the plugin...
Inspireui Mstore Api
NA
CVE-2021-38997
IBM API Connect V10.0.0.0 through V10.0.5.0, V10.0.1.0 through V10.0.1.7, and V2018.4.1.0 up to and including 2018.4.1.19 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an malicious user to conduct various atta...
Ibm Api Connect
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »