Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kc vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-4406
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KC Group E-Commerce Software allows Reflected XSS.This issue affects E-Commerce Software: up to and including 20231123. NOTE: The vendor was contacted early about this ...
Kc Group E-commerce Software Project Kc Group E-commerce Software
5.9
CVSSv3
CVE-2017-9574
The "KC Area Credit Union Mobile Banking" by K C Area Credit Union app 3.0.1 -- aka kc-area-credit-union-mobile-banking/id1097607736 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain s...
Meafinancial Kc Area Credit Union Mobile Banking 3.0.1
NA
CVE-2008-1170
Multiple PHP remote file inclusion vulnerabilities in KCWiki 1.0 allow remote malicious users to execute arbitrary PHP code via a URL in the page parameter to (1) minimal/wiki.php and (2) simplest/wiki.php.
Kcwiki Kcwiki 1.0
2 EDB exploits
6.1
CVSSv3
CVE-2019-9910
The kingcomposer plugin 2.7.6 for WordPress has wp-admin/admin.php?page=kc-mapper id XSS.
King-theme Kingcomposer 2.7.6
6.1
CVSSv3
CVE-2020-15299
A reflected Cross-Site Scripting (XSS) Vulnerability in the KingComposer plugin up to and including 2.9.4 for WordPress allows remote malicious users to trick a victim into submitting an install_online_preset AJAX request containing base64-encoded JavaScript (in the kc-online-pre...
King-theme Kingcomposer
NA
CVE-2023-6717
A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one real...
NA
CVE-2005-0513
PHP remote file inclusion vulnerability in mail_autocheck.php in the Email This Entry add-on for pMachine Pro 2.4, and possibly other versions including pMachine Free, allows remote malicious users to execute arbitrary PHP code by directly requesting mail_autocheck.php and modify...
Pmachine Pmachine Pro 2.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started