Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dw. vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2021-4408
The DW Question & Answer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.8. This is due to missing or incorrect nonce validation on the update_answer() function. This makes it possible for unauthenticated malicious users ...
Designwall Dw Question \\& Answer
NA
CVE-2010-1302
Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote malicious users to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
Decryptweb Com Dwgraphs 1.0
1 EDB exploit
6.1
CVSSv3
CVE-2019-19112
The wpForo plugin 1.6.5 for WordPress allows XSS involving the wpf-dw-td-value class of dashboard.php.
Gvectors Wpforo 1.6.5
4.8
CVSSv3
CVE-2018-19892
DomainMOD up to and including 4.11.01 has XSS via the admin/dw/add-server.php DisplayName, HostName, or UserName field.
Domainmod Domainmod
NA
CVE-2024-27408
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the eDMA controller register. If the doorbell regi...
NA
CVE-2024-27409
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the HDMA controller register. If the doorbell regi...
7.8
CVSSv3
CVE-2023-44122
The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings ("com.lge.lockscreensettings") app in the "com/lge/lockscreensettings/dynamicwallpaper/MyCategoryGuideActivity.java" file. The main problem is that the app launche...
Google Android 12.0
Google Android 13.0
NA
CVE-2021-47165
In the Linux kernel, the following vulnerability has been resolved: drm/meson: fix shutdown crash when component not probed When main component is not probed, by example when the dw-hdmi module is not loaded yet or in probe defer, the following crash appears on shutdown: Unable t...
NA
CVE-2004-2509
Cross-site scripting (XSS) vulnerabilities in (1) calendar.php, (2) login.php, and (3) online.php in Infopop UBB.Threads 6.2.3 and 6.5 allow remote malicious users to inject arbitrary web script or HTML via the Cat parameter.
Ubbcentral Ubb.threads 6.2.3
Ubbcentral Ubb.threads 6.5
3 EDB exploits
NA
CVE-2004-2510
Cross-site scripting (XSS) vulnerability in showflat.php in Infopop UBB.Threads prior to 6.5 allows remote malicious users to inject arbitrary web script or HTML via the Cat parameter.
Ubbcentral Ubb.threads 6.0
Ubbcentral Ubb.threads 6.2.2
Ubbcentral Ubb.threads 6.2.3
Ubbcentral Ubb.threads 6.4.4
Ubbcentral Ubb.threads 6.1
Ubbcentral Ubb.threads 6.1.1
Ubbcentral Ubb.threads 6.4
Ubbcentral Ubb.threads 6.4.1
Ubbcentral Ubb.threads 6.2
Ubbcentral Ubb.threads 6.2.1
Ubbcentral Ubb.threads 6.4.2
Ubbcentral Ubb.threads 6.4.3
Ubbcentral Ubb.threads 6.0.1
Ubbcentral Ubb.threads 6.0.2
Ubbcentral Ubb.threads 6.0.3
Ubbcentral Ubb.threads 6.3
Ubbcentral Ubb.threads 6.3.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2