Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pablo santiago vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-14346
Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password.
Schben Adive 2.0.7
1 EDB exploit
9.8
CVSSv3
CVE-2019-14348
The BearDev JoomSport plugin 3.3 for WordPress allows SQL injection to steal, modify, or delete database information via the joomsport_season/new-yorkers/?action=playerlist sid parameter.
Beardev Joomsport 3.3
1 EDB exploit
8.8
CVSSv3
CVE-2019-14347
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or developer) to create an administrator account via admin/user/add, as demonstrated by a Python PoC script.
Schben Adive
1 EDB exploit
5.4
CVSSv3
CVE-2019-14343
TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin.php?vocabulario_id=list URI.
Vocabularyserver Tematres 3.0
9.8
CVSSv3
CVE-2019-14345
TemaTres 3.0 allows remote unprivileged users to create an administrator account
Vocabularyserver Tematres 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started