Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project log vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-4066
A vulnerability was found in davidmoreno onion. It has been rated as problematic. Affected by this issue is the function onion_response_flush of the file src/onion/response.c of the component Log Handler. The manipulation leads to allocation of resources. The name of the patch is...
Mozilla Firefox -
Onion Project Onion
383
VMScore
CVE-2021-24766
The 404 to 301 – Redirect, Log and Notify 404 Errors WordPress plugin prior to 3.0.9 does not have CSRF check in place when cleaning the logs, which could allow malicious user to make a logged in admin delete all of them via a CSRF attack
404 To 301 Project 404 To 301
685
VMScore
CVE-2007-5642
Multiple directory traversal vulnerabilities in PHP Project Management 0.8.10 and previous versions allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in (1) the def_lang parameter to modules/files/list.php; the m_path parameter to (2) mo...
Phppm Php Project Management
1 EDB exploit
357
VMScore
CVE-2020-15228
In the `@actions/core` npm module before version 1.2.6,`addPath` and `exportVariable` functions communicate with the Actions Runner over stdout by generating a string in a specific format. Workflows that log untrusted data to stdout may invoke these commands, resulting in the pat...
Toolkit Project Toolkit
2 Github repositories
685
VMScore
CVE-2007-5641
Multiple PHP remote file inclusion vulnerabilities in PHP Project Management 0.8.10 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the full_path parameter to (1) certinfo/index.php, (2) emails/index.php, (3) events/index.php, (4) fax...
Phppm Php Project Management
1 EDB exploit
NA
CVE-2023-7116
A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument processId leads to os co...
Datax-web Project Datax-web 2.1.2
312
VMScore
CVE-2021-25115
The WP Photo Album Plus WordPress plugin prior to 8.0.10 was vulnerable to Stored Cross-Site Scripting (XSS). Error log content was handled improperly, therefore any user, even unauthenticated, could cause arbitrary javascript to be executed in the admin panel.
Wp Photo Album Plus Project Wp Photo Album Plus
NA
CVE-2023-25824
Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Versions from 0.9.0 to 0.12.0 (including) did not properly fail blocking read operations on TLS connections when the transport hit timeouts. Instead it entered an endless loop retrying the read operation, consuming CPU ...
Mod Gnutls Project Mod Gnutls
NA
CVE-2023-2546
The WP User Switch plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.2. This is due to incorrect authentication checking in the 'wpus_allow_user_to_admin_bar_menu' function with the 'wpus_who_switch' cookie value...
Wp User Switch Project Wp User Switch
2 Github repositories
NA
CVE-2023-28487
Sudo prior to 1.9.13 does not escape control characters in sudoreplay output.
Sudo Project Sudo
Netapp Active Iq Unified Manager -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »