Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vikas chaudhary vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-7441
cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.8 for WordPress allows Parameter Tampering in an amount parameter (such as amount_1), as demonstrated by purchasing an item for lower than the intended price. NOTE: The plugin author states it ...
Woocommerce Paypal Checkout Payment Gateway 1.6.8
1 EDB exploit
6.5
CVSSv3
CVE-2019-7439
cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices allows a DoS (Hang) via the mask POST parameter.
Jio Jiofi 4g M2s Firmware 1.0.2
1 EDB exploit
6.1
CVSSv3
CVE-2019-7438
cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices has XSS and HTML injection via the mask POST parameter.
Jio Jiofi 4g M2s Firmware 1.0.2
1 EDB exploit
6.5
CVSSv3
CVE-2019-7440
JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings (aka a SetWiFi_Setting request to cgi-bin/qcmap_web_cgi).
Jio Jiofi 4g M2s Firmware 1.0.2
1 EDB exploit
6.1
CVSSv3
CVE-2018-13256
PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or firstname parameter.
Chartered Accountant \\ Auditor Website Project Chartered Accountant \\
6.5
CVSSv3
CVE-2018-15181
JioFi 4G Hotspot M2S devices allow malicious users to cause a denial of service (secure configuration outage) via an XSS payload in the SSID name and Security Key fields.
Jio 4g Hotspot M2s Firmware -
1 EDB exploit
5.4
CVSSv3
CVE-2018-14541
PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields.
Readymadeb2bscript Basic B2b 2.0.0
5.4
CVSSv3
CVE-2018-14082
PHP Scripts Mall JOB SITE (aka Job Portal) 3.0.1 has Cross-site Scripting (XSS) via the search bar.
Freelancewebdesignerchennai Job Portal 3.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started