Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mohammed abdul raheem vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-15929
In Craft CMS up to and including 3.1.7, the elevated session password prompt was not being rate limited like normal login forms, leading to the possibility of a brute force attempt on them.
Craftcms Craft Cms
5
CVSSv2
CVE-2019-14280
In some circumstances, Craft 2 prior to 2.7.10 and 3 prior to 3.2.6 wasn't stripping EXIF data from user-uploaded images when it was configured to do so, potentially exposing personal/geolocation data to the public.
Craftcms Craft Cms
1 EDB exploit
3.5
CVSSv2
CVE-2018-20010
DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php username field.
Domainmod Domainmod
1 EDB exploit
3.5
CVSSv2
CVE-2018-20011
DomainMOD 4.11.01 has XSS via the assets/add/category.php Category Name or Stakeholder field.
Domainmod Domainmod
1 EDB exploit
3.5
CVSSv2
CVE-2018-20009
DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL Provider Name or SSL Provider URL field.
Domainmod Domainmod
1 EDB exploit
3.5
CVSSv2
CVE-2018-19913
DomainMOD up to and including 4.11.01 has XSS via the assets/add/registrar-accounts.php UserName, Reseller ID, or notes field.
Domainmod Domainmod
3.5
CVSSv2
CVE-2018-19914
DomainMOD up to and including 4.11.01 has XSS via the assets/add/dns.php Profile Name or notes field.
Domainmod Domainmod
1 EDB exploit
3.5
CVSSv2
CVE-2018-19915
DomainMOD up to and including 4.11.01 has XSS via the assets/edit/host.php Web Host Name or Web Host URL field.
Domainmod Domainmod
1 EDB exploit
3.5
CVSSv2
CVE-2018-19892
DomainMOD up to and including 4.11.01 has XSS via the admin/dw/add-server.php DisplayName, HostName, or UserName field.
Domainmod Domainmod
3.5
CVSSv2
CVE-2018-19750
DomainMOD up to and including 4.11.01 has XSS via the admin/domain-fields/ notes field in an Add Custom Field action for Custom Domain Fields.
Domainmod Domainmod
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »