Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
8bitsec vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-10258
A CSV Injection vulnerability exists in Shopy Point of Sale v1.0 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.
Codeslab Shopy Point Of Sale 1.0
1 EDB exploit
5.4
CVSSv3
CVE-2018-10259
An Authenticated Stored XSS vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.
Hrsale Project Hrsale 1.0.2
1 EDB exploit
8.8
CVSSv3
CVE-2018-10255
A CSV Injection vulnerability exists in clustercoding Blog Master Pro v1.0 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.
Clustercoding Blog Master Pro 1.0.0
1 EDB exploit
8.8
CVSSv3
CVE-2018-10257
A CSV Injection vulnerability exists in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.
Hrsale Project Hrsale 1.0.2
1 EDB exploit
8.8
CVSSv3
CVE-2018-10260
A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.
Hrsale Project Hrsale 1.0.2
1 EDB exploit
8.8
CVSSv3
CVE-2018-10256
A SQL Injection vulnerability exists in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to directly modify the SQL query.
Hrsale Project Hrsale 1.0.2
1 EDB exploit
7.8
CVSSv3
CVE-2023-31873
Gin 0.7.4 allows execution of arbitrary code when a crafted file is opened, e.g., via require('child_process').
Gin Project Gin 0.7.4
8.8
CVSSv3
CVE-2023-31874
Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire('child_process').
Yank-note Yank Note 3.52.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started