Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
admin vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-16516
helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL.
Flask-admin Project Flask-admin 1.5.2
NA
CVE-2023-0646
A vulnerability classified as critical was found in dst-admin 1.5.0. Affected by this vulnerability is an unknown functionality of the file /home/cavesConsole. The manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit ha...
Dst-admin Project Dst-admin 1.5.0
NA
CVE-2023-0647
A vulnerability, which was classified as critical, has been found in dst-admin 1.5.0. Affected by this issue is some unknown functionality of the file /home/kickPlayer. The manipulation of the argument userId leads to command injection. The attack may be launched remotely. The ex...
Dst-admin Project Dst-admin 1.5.0
NA
CVE-2023-43270
dst-admin v1.5.0 exists to contain a remote command execution (RCE) vulnerability via the userId parameter at /home/playerOperate.
Dst-admin Project Dst-admin 1.5.0
516
VMScore
CVE-2021-25111
The English WordPress Admin WordPress plugin prior to 1.5.2 does not validate the admin_custom_language_return_url before redirecting users o it, leading to an open redirect issue
English Wordpress Admin Project English Wordpress Admin
668
VMScore
CVE-2021-44219
Gin-Vue-Admin prior to 2.4.6 mishandles a SQL database.
Gin-vue-admin Project Gin-vue-admin
605
VMScore
CVE-2017-12881
Cross-site request forgery (CSRF) vulnerability in the Spring Batch Admin prior to 1.3.0 allows remote malicious users to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerability.
Spring Batch Admin Project Spring Batch Admin
312
VMScore
CVE-2017-12882
Stored Cross-site scripting (XSS) vulnerability in Spring Batch Admin prior to 1.3.0 allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality.
Spring Batch Admin Project Spring Batch Admin
383
VMScore
CVE-2022-1599
The Admin Management Xtended WordPress plugin prior to 2.4.5 does not have CSRF checks in some of its AJAX actions, allowing malicious users to make a logged users with the right capabilities to call them. This can lead to changes in post status (draft, published), slug, post dat...
Admin Management Xtended Project Admin Management Xtended
NA
CVE-2022-47762
In gin-vue-admin < 2.5.5, the download module has a Path Traversal vulnerability.
Gin-vue-admin Project Gin-vue-admin
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »