Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
admin vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-16516
helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL.
Flask-admin Project Flask-admin 1.5.2
NA
CVE-2023-0646
A vulnerability classified as critical was found in dst-admin 1.5.0. Affected by this vulnerability is an unknown functionality of the file /home/cavesConsole. The manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit ha...
Dst-admin Project Dst-admin 1.5.0
NA
CVE-2023-0647
A vulnerability, which was classified as critical, has been found in dst-admin 1.5.0. Affected by this issue is some unknown functionality of the file /home/kickPlayer. The manipulation of the argument userId leads to command injection. The attack may be launched remotely. The ex...
Dst-admin Project Dst-admin 1.5.0
NA
CVE-2023-43270
dst-admin v1.5.0 exists to contain a remote command execution (RCE) vulnerability via the userId parameter at /home/playerOperate.
Dst-admin Project Dst-admin 1.5.0
5.8
CVSSv2
CVE-2021-25111
The English WordPress Admin WordPress plugin prior to 1.5.2 does not validate the admin_custom_language_return_url before redirecting users o it, leading to an open redirect issue
English Wordpress Admin Project English Wordpress Admin
7.5
CVSSv2
CVE-2021-44219
Gin-Vue-Admin prior to 2.4.6 mishandles a SQL database.
Gin-vue-admin Project Gin-vue-admin
6.8
CVSSv2
CVE-2017-12881
Cross-site request forgery (CSRF) vulnerability in the Spring Batch Admin prior to 1.3.0 allows remote malicious users to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerability.
Spring Batch Admin Project Spring Batch Admin
3.5
CVSSv2
CVE-2017-12882
Stored Cross-site scripting (XSS) vulnerability in Spring Batch Admin prior to 1.3.0 allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality.
Spring Batch Admin Project Spring Batch Admin
4.3
CVSSv2
CVE-2022-1599
The Admin Management Xtended WordPress plugin prior to 2.4.5 does not have CSRF checks in some of its AJAX actions, allowing malicious users to make a logged users with the right capabilities to call them. This can lead to changes in post status (draft, published), slug, post dat...
Admin Management Xtended Project Admin Management Xtended
NA
CVE-2022-47762
In gin-vue-admin < 2.5.5, the download module has a Path Traversal vulnerability.
Gin-vue-admin Project Gin-vue-admin
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »