Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
haboob team vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-10945
An issue exists in Joomla! prior to 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing malicious users to act outside the media manager root directory.
Joomla Joomla\\!
1 EDB exploit
1 Github repository
7.5
CVSSv3
CVE-2018-8947
rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requests, which makes it easier for remote malicious users to bypass intended access restrictions, as demonstrated by reading arbitrary files via a dl request.
Laravel Log Viewer Project Laravel Log Viewer
1 EDB exploit
9.8
CVSSv3
CVE-2018-14592
The CWJoomla CW Article Attachments PRO extension prior to 2.0.7 and CW Article Attachments FREE extension prior to 1.0.6 for Joomla! allow SQL Injection within download.php.
Cwjoomla Cw Article Attachments Pro
Cwjoomla Cw Article Attachments Free
1 EDB exploit
1 Github repository
8.8
CVSSv3
CVE-2018-12256
admin/vqmods.app/vqmods.inc.php in LiteCart prior to 2.1.3 allows remote authenticated malicious users to upload a malicious file (resulting in remote code execution) by using the text/xml or application/xml Content-Type in a public_html/admin/?app=vqmods&doc=vqmods request.
Litecart Litecart
7.2
CVSSv3
CVE-2020-35578
An issue exists in the Manage Plugins page in Nagios XI prior to 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can execute operating-system commands.
Nagios Nagios Xi
1 Metasploit module
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started