Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
json project vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-20003
The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
7.5
CVSSv2
CVE-2016-20002
The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
7.5
CVSSv2
CVE-2016-20005
The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
7.5
CVSSv2
CVE-2016-20004
The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
5
CVSSv2
CVE-2016-20007
The REST/JSON project 7.x-1.x for Drupal allows session name guessing, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
5
CVSSv2
CVE-2016-20008
The REST/JSON project 7.x-1.x for Drupal allows session enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
5
CVSSv2
CVE-2016-20006
The REST/JSON project 7.x-1.x for Drupal allows blockage of user logins, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
5
CVSSv2
CVE-2020-35380
GJSON prior to 1.6.4 allows malicious users to cause a denial of service via crafted JSON.
Gjson Project Gjson
7.5
CVSSv2
CVE-2020-7766
This affects all versions of package json-ptr. The issue occurs in the set operation (https://flitbit.github.io/json-ptr/classes/_src_pointer_.jsonpointer.htmlset) when the force flag is set to true. The function recursively set the property in the target object, however it does ...
Json-ptr Project Json-ptr
4
CVSSv2
CVE-2020-15239
In xmpp-http-upload before version 0.4.0, when the GET method is attacked, attackers can read files which have a `.data` suffix and which are accompanied by a JSON file with the `.meta` suffix. This can lead to Information Disclosure and in some shared-hosting scenarios also to c...
Xmpp-http-upload Project Xmpp-http-upload
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »