Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-32723
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Code Tides Advanced Floating Content allows Stored XSS.This issue affects Advanced Floating Content: from n/a up to and including 1.2.5.
NA
CVE-2024-32728
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Paid Member Subscriptions.This issue affects Paid Member Subscriptions: from n/a up to and including 2.11.0.
NA
CVE-2024-3274
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/info.cgi of the component HTTP GET Request Handl...
NA
CVE-2024-32743
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the SITE LANGUAGE CONFIG parameter under the Security module.
1 Github repository
NA
CVE-2024-32744
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE KEYWORDS parameter under the CURRENT PAGE module.
1 Github repository
NA
CVE-2024-32745
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE DESCRIPTION parameter under the CURRENT PAGE module.
1 Github repository
NA
CVE-2024-32746
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the MENU parameter under the Menu module.
1 Github repository
NA
CVE-2024-32764
A missing authentication for critical function vulnerability has been reported to affect myQNAPcloud Link. If exploited, the vulnerability could allow users with the privilege level of some functionality via a network. We have already fixed the vulnerability in the following vers...
NA
CVE-2024-32772
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a up to and including 5.7.9.
NA
CVE-2024-32773
Cross-Site Request Forgery (CSRF) vulnerability in WP Royal Royal Elementor Kit.This issue affects Royal Elementor Kit: from n/a up to and including 1.0.116.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »