Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Recent vulnerabilities and exploits

NA
CVE-2020-19303
An arbitrary file upload vulnerability in /fileupload.php of hdcms 5.7 allows attackers to execute arbitrary code via a crafted file....
NA
CVE-2020-19305
An issue in /app/system/column/admin/index.class.php of Metinfo v7.0.0 causes the indeximg parameter to be deleted when the column is deleted, allowing attackers to escalate privileges....
NA
CVE-2020-19304
An issue in /admin/index.php?n=system&c=filept&a=doGetFileList of Metinfo v7.0.0 allows attackers to perform a directory traversal and access sensitive information....
NA
CVE-2021-34273
SC-RCVD A Multi-Granularity Method for Restructured Cloning Vulnerability Detection in Ethereum Smart Contracts CVE We have reported vulnerabilities detected by SC-RCVD to CVE. And we have obtained CVEs such as CVE-2021-33403, CVE-2021-34270, CVE-2021-34272 ,CVE-2021-34273 and...
NA
CVE-2021-22237
Under specialized conditions, GitLab may allow a user with an impersonation token to perform Git actions even if impersonation is disabled. This vulnerability is present in GitLab versions before 14.1.2....
NA
CVE-2021-22236
Due to improper handling of OAuth client IDs, new subscriptions generated OAuth tokens on an incorrect OAuth client application. This vulnerability is present in GitLab CE/EE since version 14.1 before version 14.1.2....
NA
CVE-2021-22239
An unauthorized user was able to insert metadata when creating new issue on GitLab 14.0 and later before version 14.1.2....
NA
CVE-2021-33333
The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack 93, 7.1 before fix pack 19 and 7.2 before fix pack 6, does not properly check user permission, which allows remote authenticated users to view and delete workflow submissions via...
NA
CVE-2021-33334
The Dynamic Data Mapping module in Liferay Portal 7.0.0 through 7.3.2, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19, and 7.2 before fix pack 6, does not properly check user permissions, which allows remote attackers with the forms "Access in Site...
NA
CVE-2021-33331
Open redirect vulnerability in the Notifications module in Liferay Portal 7.0.0 through 7.3.1, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19 and 7.2 before fix pack 8, allows remote attackers to redirect users to arbitrary external URLs via the...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-36542NULL pointer dereferenceCVE-2021-3490CVE-2021-36934code injectionSSRFCVE-2021-34632CVE-2021-33325CVE-2021-27503
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook