Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
local users vulnerabilities and exploits
(subscribe to this query)
8.8
CVE-2022-3026
The WP Users Exporter plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.2 via the 'Export Users' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input into profile...
Wp-users-exporter Project Wp-users-exporter
1 Github repository available
4.8
CVSSv3
CVE-2021-24782
The Flex Local Fonts WordPress plugin through 1.0.0 does not escape the Class Name field when adding a font, which could allow hight privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed....
Flex Local Fonts Project Flex Local Fonts
4.9
CVSSv3
CVE-2021-27999
A SQL injection vulnerability was discovered in the editid parameter in Local Services Search Engine Management System Project 1.0. This vulnerability gives admin users the ability to dump all data from the database....
Local Services Search Engine Management System Project Local Services Search Engine Management System 1.0
6.1
CVSSv3
CVE-2020-4503
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...
Ibm Planning Analytics Local
5.4
CVSSv3
CVE-2020-4645
IBM Planning Analytics Local 2.0.0 through 2.0.9.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
Ibm Planning Analytics Local
6.1
CVSSv3
CVE-2018-1676
IBM Planning Analytics 2.0.0 through 2.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...
Ibm Planning Analytics Local
4.3
CVSSv3
CVE-2020-4649
IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace 57 could expose data to non-privleged users by not invalidating TM1Web user sessions. IBM X-Force ID: 186022....
Ibm Planning Analytics Local
5.4
CVSSv3
CVE-2020-4306
IBM Planning Analytics Local 2.0.0 through 2.0.9 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
Ibm Planning Analytics Local
5.4
CVSSv3
CVE-2020-4431
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...
Ibm Planning Analytics Local
5.4
CVSSv3
CVE-2020-4360
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...
Ibm Planning Analytics Local
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-46411
CVE-2021-32915
CVE-2021-32899
cache poisoning
CVE-2021-43864
CVE-2022-21661
local file inclusion
brute force
CVE-2022-4116
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »
Vulmon