Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
admin vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-16516
helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL.
Flask-admin Project Flask-admin 1.5.2
6.1
CVSSv3
CVE-2017-12098
An exploitable cross site scripting (XSS) vulnerability exists in the add filter functionality of the rails_admin rails gem version 1.2.0. A specially crafted URL can cause an XSS flaw resulting in an attacker being able to execute arbitrary javascript on the victim's browse...
Rails Admin Project Rails Admin 1.2.0
7.5
CVSSv3
CVE-2021-46371
antd-admin 5.5.0 is affected by an incorrect access control vulnerability. Unauthorized access to some interfaces in the foreground leads to leakage of sensitive information.
Antd-admin Project Antd-admin 5.5.0
9.8
CVSSv3
CVE-2022-27342
Link-Admin v0.0.1 exists to contain a SQL injection vulnerability via DictRest.ResponseResult().
Link-admin Project Link-admin 0.0.1
4.3
CVSSv3
CVE-2015-9390
The admin-management-xtended plugin prior to 2.4.0.1 for WordPress has privilege escalation because wp_ajax functions are mishandled.
Admin Management Xtended Project Admin Management Xtended
8.8
CVSSv3
CVE-2022-24844
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. The problem occurs in the following code in server/service/system/sys_auto_code_pgsql.go, which means that PostgreSQL must be used as the database for this v...
Gin-vue-admin Project Gin-vue-admin
4.8
CVSSv3
CVE-2022-1814
The WP Admin Style WordPress plugin up to and including 0.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed
Wp Admin Style Project Wp Admin Style
7.5
CVSSv3
CVE-2022-24843
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Gin-vue-admin 2.50 has arbitrary file read vulnerability due to a lack of parameter validation. This has been resolved in version 2.5.1. There are no known w...
Gin-vue-admin Project Gin-vue-admin
6.1
CVSSv3
CVE-2022-0625
The Admin Menu Editor WordPress plugin up to and including 1.0.4 does not sanitize and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
Admin Menu Editor Project Admin Menu Editor
6.1
CVSSv3
CVE-2016-1000126
Reflected XSS in wordpress plugin admin-font-editor v1.8
Admin-font-editor Project Admin-font-editor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »