Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
activity vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-38833
School Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/modstudent/index.php?view=view&id=.
School Activity Updates With Sms Notification Project School Activity Updates With Sms Notification 1.0
NA
CVE-2022-38267
School Activity Updates with SMS Notification v1.0 exists to contain a SQL injection vulnerability via the component /modules/user/index.php?view=edit&id=.
School Activity Updates With Sms Notification Project School Activity Updates With Sms Notification 1.0
4.3
CVSSv2
CVE-2016-10890
The aryo-activity-log plugin prior to 2.3.2 for WordPress has XSS.
Pojo Activity Log
4.3
CVSSv2
CVE-2018-8729
Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log plugin prior to 2.4.1 for WordPress allow remote malicious users to inject arbitrary JavaScript or HTML via a title that is not escaped.
Pojo Activity Log
1 EDB exploit
4.3
CVSSv2
CVE-2016-10891
The aryo-activity-log plugin prior to 2.3.3 for WordPress has XSS.
Pojo Activity Log
5.5
CVSSv2
CVE-2017-9513
Several rest inline action resources of Atlassian Activity Streams before version 6.3.0 allows remote authenticated malicious users to watch any Confluence page & receive notifications when comments are added to the watched page, and vote & watch JIRA issues that they do ...
Atlassian Activity Streams
NA
CVE-2022-34126
The Activity plugin prior to 3.1.1 for GLPI allows reading local files via directory traversal in the front/cra.send.php file parameter.
Glpi-project Activity
NA
CVE-2023-2261
The WP Activity Log plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handle_ajax_call function in versions up to, and including, 4.5.0. This makes it possible for authenticated attackers, with subscriber-level access or higher, t...
Wpwhitesecurity Wp Activity Log
5
CVSSv2
CVE-2005-1667
DataTrac Activity Console 1.1 allows remote malicious users to cause a denial of service via a long HTTP GET request.
Datatrac Activity Console 1.1
1 EDB exploit
NA
CVE-2023-5167
The User Activity Log Pro WordPress plugin prior to 2.3.4 does not properly escape recorded User-Agents in the user activity logs dashboard, which may allow visitors to conduct Stored Cross-Site Scripting attacks.
Solwininfotech User Activity Log
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »