Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
haboob team vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2019-10945
An issue exists in Joomla! prior to 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing malicious users to act outside the media manager root directory.
Joomla Joomla\\!
1 EDB exploit
1 Github repository
505
VMScore
CVE-2018-8947
rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requests, which makes it easier for remote malicious users to bypass intended access restrictions, as demonstrated by reading arbitrary files via a dl request.
Laravel Log Viewer Project Laravel Log Viewer
1 EDB exploit
755
VMScore
CVE-2018-14592
The CWJoomla CW Article Attachments PRO extension prior to 2.0.7 and CW Article Attachments FREE extension prior to 1.0.6 for Joomla! allow SQL Injection within download.php.
Cwjoomla Cw Article Attachments Pro
Cwjoomla Cw Article Attachments Free
1 EDB exploit
1 Github repository
578
VMScore
CVE-2018-12256
admin/vqmods.app/vqmods.inc.php in LiteCart prior to 2.1.3 allows remote authenticated malicious users to upload a malicious file (resulting in remote code execution) by using the text/xml or application/xml Content-Type in a public_html/admin/?app=vqmods&doc=vqmods request.
Litecart Litecart
940
VMScore
CVE-2020-35578
An issue exists in the Manage Plugins page in Nagios XI prior to 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can execute operating-system commands.
Nagios Nagios Xi
1 Metasploit module
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started