Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
id vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34701
CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. It is possible for users to be considered as the requester of a specific wiki request if their local user ID on any wiki in a wiki farm matches the local ID of the requester at the wiki where t...
NA
CVE-2024-35050
An issue in SurveyKing v1.3.1 allows malicious users to escalate privileges via re-using the session ID of a user that was deleted by an Admin.
NA
CVE-2024-35205
The WPS Office (aka cn.wps.moffice_eng) application prior to 17.0.0 for Android fails to properly sanitize file names before processing them through external application interactions, leading to a form of path traversal. This potentially enables any application to dispatch a craf...
NA
CVE-2024-3055
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.5.102 due to insufficient escaping on the user supplied parameter and l...
NA
CVE-2024-34080
MantisBT (Mantis Bug Tracker) is an open source issue tracker. If an issue references a note that belongs to another issue that the user doesn't have access to, then it gets hyperlinked. Clicking on the link gives an access denied error as expected, yet some information rema...
NA
CVE-2024-34226
SQL injection vulnerability in /php-sqlite-vms/?page=manage_visitor&id=1 in SourceCodester Visitor Management System 1.0 allow malicious users to execute arbitrary SQL commands via the id parameters.
NA
CVE-2024-34310
Jin Fang Times Content Management System v3.2.3 exists to contain a SQL injection vulnerability via the id parameter.
1 Github repository
NA
CVE-2024-28760
IBM App Connect Enterprise 11.0.0.1 up to and including 11.0.0.25 and 12.0.1.0 up to and including 12.0.12.0 dashboard is vulnerable to a denial of service due to improper restrictions of resource allocation. IBM X-Force ID: 285244.
NA
CVE-2024-28761
IBM App Connect Enterprise 11.0.0.1 up to and including 11.0.0.25 and 12.0.1.0 up to and including 12.0.12.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the secur...
NA
CVE-2024-28781
IBM UrbanCode Deploy (UCD) 7.0 up to and including 7.0.5.20, 7.1 up to and including 7.1.2.16, 7.2 up to and including 7.2.3.9, 7.3 up to and including 7.3.2.4, and 8.0 up to and including 8.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arb...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »