Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
admin vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-35857
kvf-admin through 2022-02-12 allows remote malicious users to execute arbitrary code because deserialization is mishandled. The rememberMe parameter is encrypted with a hardcoded key from the com.kalvin.kvf.common.shiro.ShiroConfig file.
Kvf-admin Project Kvf-admin
NA
CVE-2007-1219
PHP remote file inclusion vulnerability in actions/del.php in Admin Phorum 3.3.1a allows remote malicious users to execute arbitrary PHP code via a URL in the include_path parameter.
Admin Phorum Admin Phorum 3.3.1a
1 EDB exploit
7.2
CVSSv3
CVE-2023-24249
An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows malicious users to execute arbitrary code via a crafted PHP file.
Laravel-admin Laravel-admin 1.8.19
7.5
CVSSv3
CVE-2021-44586
An issue exists in dst-admin v1.3.0. The product has an unauthorized arbitrary file download vulnerability that can expose sensitive information.
Dst-admin Project Dst-admin 1.3.0
6.5
CVSSv3
CVE-2018-11092
An issue exists in the Admin Notes plugin 1.1 for MyBB. CSRF allows an malicious user to remotely delete all admin notes via an admin/index.php?empty=table (aka Clear Table) action.
Admin Notes Project Admin Notes 1.1
9.8
CVSSv3
CVE-2023-43270
dst-admin v1.5.0 exists to contain a remote command execution (RCE) vulnerability via the userId parameter at /home/playerOperate.
Dst-admin Project Dst-admin 1.5.0
7.5
CVSSv3
CVE-2023-0646
A vulnerability classified as critical was found in dst-admin 1.5.0. Affected by this vulnerability is an unknown functionality of the file /home/cavesConsole. The manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit ha...
Dst-admin Project Dst-admin 1.5.0
7.5
CVSSv3
CVE-2023-0647
A vulnerability, which was classified as critical, has been found in dst-admin 1.5.0. Affected by this issue is some unknown functionality of the file /home/kickPlayer. The manipulation of the argument userId leads to command injection. The attack may be launched remotely. The ex...
Dst-admin Project Dst-admin 1.5.0
7.5
CVSSv3
CVE-2023-0648
A vulnerability, which was classified as critical, was found in dst-admin 1.5.0. This affects an unknown part of the file /home/masterConsole. The manipulation of the argument command leads to command injection. It is possible to initiate the attack remotely. The exploit has been...
Dst-admin Project Dst-admin 1.5.0
7.5
CVSSv3
CVE-2023-0649
A vulnerability has been found in dst-admin 1.5.0 and classified as critical. This vulnerability affects unknown code of the file /home/sendBroadcast. The manipulation of the argument message leads to command injection. The attack can be initiated remotely. The exploit has been d...
Dst-admin Project Dst-admin 1.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »