Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
admin vulnerabilities and exploits
(subscribe to this query)
440
VMScore
CVE-2007-6232
Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote malicious users to inject arbitrary web script or HTML via the error parameter in an error page action.
Ftp Admin 0.1.0
2 EDB exploits
578
VMScore
CVE-2021-29439
The Grav admin plugin prior to version 1.10.11 does not correctly verify caller's privileges. As a consequence, users with the permission `admin.login` can install third-party plugins and their dependencies. By installing the right plugin, an attacker can obtain an arbitrary...
Getgrav Grav Admin
NA
CVE-2024-0879
Authentication bypass in vector-admin allows a user to register to a vector-admin server while “domain restriction” is active, even when not owning an authorized email address.
Mintplexlabs Vector Admin
801
VMScore
CVE-2021-35450
A Server Side Template Injection in the Entando Admin Console 6.3.9 and before allows a user with privileges to execute FreeMarker template with command execution via freemarker.template.utility.Execute
Entando Admin Console
NA
CVE-2023-30782
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moyle Church Admin plugin <= 3.7.5 versions.
Churchadminplugin Church Admin
605
VMScore
CVE-2018-20971
The church-admin plugin prior to 1.2550 for WordPress has CSRF affecting the upload of a bible reading plan.
Churchadminplugin Church Admin
NA
CVE-2023-51763
csv_builder.rb in ActiveAdmin (aka Active Admin) prior to 3.2.0 allows CSV injection.
Activeadmin Active Admin
NA
CVE-2023-51411
Unrestricted Upload of File with Dangerous Type vulnerability in Shabti Kaplan Frontend Admin by DynamiApps.This issue affects Frontend Admin by DynamiApps: from n/a up to and including 3.18.3.
Dynamiapps Frontend Admin
312
VMScore
CVE-2021-24366
The Admin Columns WordPress plugin prior to 4.3 and Admin Columns Pro WordPress plugin prior to 5.5.1 do not sanitise and escape its Label settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html c...
Admincolumns Admin Columns
NA
CVE-2021-4360
The Controlled Admin Access plugin for WordPress is vulnerable to Privilege Escalation in versions up to, and including, 1.5.5 by not properly restricting access to the configuration page. This makes it possible for malicious users to create a new administrator role with unrestri...
Wpruby Controlled Admin Access
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »