Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
admin vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-39305
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Versions before 2.5.4 contain a file upload ability. The affected code fails to validate fileMd5 and fileName parameters, resulting in an arbitrary file bein...
Gin-vue-admin Project Gin-vue-admin
7.5
CVSSv3
CVE-2022-39345
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Gin-vue-admin before 2.5.4 is vulnerable to path traversal, which leads to file upload vulnerabilities. Version 2.5.4 contains a patch for this issue. There ...
Gin-vue-admin Project Gin-vue-admin
7.5
CVSSv3
CVE-2022-24843
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Gin-vue-admin 2.50 has arbitrary file read vulnerability due to a lack of parameter validation. This has been resolved in version 2.5.1. There are no known w...
Gin-vue-admin Project Gin-vue-admin
6.1
CVSSv3
CVE-2022-0625
The Admin Menu Editor WordPress plugin up to and including 1.0.4 does not sanitize and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
Admin Menu Editor Project Admin Menu Editor
5.4
CVSSv3
CVE-2020-19704
A stored cross-site scripting (XSS) vulnerability via ResourceController.java in spring-boot-admin as of 20190710 allows malicious users to execute arbitrary web scripts or HTML.
Spring-boot-admin Project Spring-boot-admin 20190710
8.8
CVSSv3
CVE-2023-41672
Cross-Site Request Forgery (CSRF) vulnerability in Rémi Leclercq Hide admin notices – Admin Notification Center plugin <= 2.3.2 versions.
Remileclercq Hide Admin Notices - Admin Notification Center Plugin
9.8
CVSSv3
CVE-2017-1092
IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. IBM X-Force ID: 120390.
Ibm Informix Open Admin Tool 12.1
Ibm Informix Open Admin Tool 11.7
Ibm Informix Open Admin Tool 11.5
2 EDB exploits
8.8
CVSSv3
CVE-2022-4604
A vulnerability classified as problematic was found in wp-english-wp-admin Plugin up to 1.5.1. Affected by this vulnerability is the function register_endpoints of the file english-wp-admin.php. The manipulation leads to cross-site request forgery. The attack can be launched remo...
Wp-english-wp-admin Project Wp-english-wp-admin
4.8
CVSSv3
CVE-2023-23994
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marcel Bootsman Auto Hide Admin Bar plugin <= 1.6.1 versions.
Auto Hide Admin Bar Project Auto Hide Admin Bar
9.8
CVSSv3
CVE-2022-46166
Spring boot admins is an open source administrative user interface for management of spring boot applications. All users who run Spring Boot Admin Server, having enabled Notifiers (e.g. Teams-Notifier) and write access to environment variables via UI are affected. Users are advis...
Codecentric Spring Boot Admin 3.0.0
Codecentric Spring Boot Admin
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »