Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
local users vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-3026
The WP Users Exporter plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.2 via the 'Export Users' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input into profile informat...
Wp-users-exporter Project Wp-users-exporter
4.8
CVSSv3
CVE-2021-24782
The Flex Local Fonts WordPress plugin up to and including 1.0.0 does not escape the Class Name field when adding a font, which could allow hight privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Flex Local Fonts Project Flex Local Fonts
4.9
CVSSv3
CVE-2021-27999
A SQL injection vulnerability exists in the editid parameter in Local Services Search Engine Management System Project 1.0. This vulnerability gives admin users the ability to dump all data from the database.
Local Services Search Engine Management System Project Local Services Search Engine Management System 1.0
4.3
CVSSv3
CVE-2020-4649
IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace 57 could expose data to non-privleged users by not invalidating TM1Web user sessions. IBM X-Force ID: 186022.
Ibm Planning Analytics Local
7.8
CVSSv3
CVE-2017-11672
The OPC Foundation Local Discovery Server (LDS) prior to 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges.
Opcfoundation Local Discovery Server
6.1
CVSSv3
CVE-2020-4366
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...
Ibm Planning Analytics Local
5.4
CVSSv3
CVE-2020-4431
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...
Ibm Planning Analytics Local
5.4
CVSSv3
CVE-2020-4360
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...
Ibm Planning Analytics Local
6.1
CVSSv3
CVE-2020-4503
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...
Ibm Planning Analytics Local
5.4
CVSSv3
CVE-2020-4645
IBM Planning Analytics Local 2.0.0 up to and including 2.0.9.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t...
Ibm Planning Analytics Local
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-9474
CVE-2024-36620
file inclusion
cache poisoning
man-in-the-middle
CVE-2024-20138
CVE-2024-0012
CVE-2024-20131
CVE-2024-11995
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »