Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samrat das vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-7176
FrontAccounting 2.4.3 suffers from a CSRF flaw, which leads to adding a user account via admin/users.php (aka the "add user" feature of the User Permissions page).
Frontaccounting Frontaccounting 2.4.3
1 EDB exploit
7.5
CVSSv3
CVE-2017-14523
WonderCMS 2.3.1 is vulnerable to an HTTP Host header injection attack. It uses user-entered values to redirect pages. NOTE: the vendor reports that exploitation is unlikely because the attack can only come from a local machine or from the administrator as a self attack
Wondercms Wondercms 2.3.1
1 EDB exploit
8.8
CVSSv3
CVE-2018-8908
An issue exists in /admin/?/user/add in Frog CMS 0.9.5. The application's add user functionality suffers from CSRF. A malicious user can craft an HTML page and use it to trick a victim into clicking on it; once executed, a malicious user will be created with admin privileges...
Frog Cms Project Frog Cms 0.9.5
1 EDB exploit
6.1
CVSSv3
CVE-2018-7198
October CMS up to and including 1.0.431 allows XSS by entering HTML on the Add Posts page.
Octobercms October
1 EDB exploit
8.8
CVSSv3
CVE-2017-14521
In WonderCMS 2.3.1, the upload functionality accepts random application extensions and leads to malicious File Upload.
Wondercms Wondercms 2.3.0
Wondercms Wondercms 2.3.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started