Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
peel vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-20848
Advisto PEEL SHOPPING 9.0.0 has CSRF via en/achat/caddie_ajout.php and en/achat/caddie_affichage.php, as demonstrated by an XSS payload in the couleurId[0] parameter to the latter.
Peel Peel Shopping 9.0.0
4.8
CVSSv3
CVE-2018-1000887
Peel shopping peel-shopping_9_1_0 version contains a Cross Site Scripting (XSS) vulnerability that can result in an authenticated user injecting java script code in the "Site Name EN" parameter. This attack appears to be exploitable if the malicious user has access to t...
Peel Peel Shopping 9.1.0
9.1
CVSSv3
CVE-2021-37593
PEEL Shopping version 9.4.0 allows remote SQL injection. A public user/guest (unauthenticated) can inject a malicious SQL query in order to affect the execution of predefined SQL commands. Upon a successful SQL injection attack, an attacker can read sensitive data from the databa...
Peel Peel Shopping 9.4.0
6.5
CVSSv3
CVE-2019-20178
Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php to delete a user.
Peel Peel Shopping 9.2.1
6.5
CVSSv3
CVE-2021-41672
PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. A user that belongs to the administrator group can inject a malicious SQL query in order to affect the execution logic of the application and retrive information from the database.
Peel Peel Shopping 9.4.0
7.5
CVSSv3
CVE-2016-8374
An issue exists in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touch...
Schneider-electric Magelis Gtu Universal Panel Firmware -
Schneider-electric Magelis Gto Advanced Optimum Panel Firmware -
Schneider-electric Magelis Sto5 Small Panel Firmware -
Schneider-electric Magelis Stu Small Panel Firmware -
Schneider-electric Magelis Xbt Gh Advanced Hand-held Panel Firmware -
Schneider-electric Magelis Xbt Gk Advanced Touchscreen Panel With Keyboard Firmware -
Schneider-electric Magelis Xbt Gt Advanced Touchscreen Panel Firmware -
Schneider-electric Magelis Xbt Gtw Advanced Open Touchscreen Panel Firmware -
1 Github repository
1 Article
5.3
CVSSv3
CVE-2016-8367
An issue exists in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touch...
Schneider-electric Magelis Gtu Universal Panel Firmware -
Schneider-electric Magelis Gto Advanced Optimum Panel Firmware -
Schneider-electric Magelis Sto5 Small Panel Firmware -
Schneider-electric Magelis Stu Small Panel Firmware -
Schneider-electric Magelis Xbt Gh Advanced Hand-held Panel Firmware -
Schneider-electric Magelis Xbt Gk Advanced Touchscreen Panel With Keyboard Firmware -
Schneider-electric Magelis Xbt Gt Advanced Touchscreen Panel Firmware -
Schneider-electric Magelis Xbt Gtw Advanced Open Touchscreen Panel Firmware -
1 Github repository
1 Article
7.8
CVSSv3
CVE-2018-25015
An issue exists in the Linux kernel prior to 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8.
Linux Linux Kernel
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
1 Github repository
9.8
CVSSv3
CVE-2014-125061
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in peel filebroker and classified as critical. Affected by this issue is the function select_transfer_status_desc of the file lib/common.rb. The manipulation leads to sql injection. The name of the patch is 91097e26a6c84d3...
Filebroker Project Filebroker
5.5
CVSSv3
CVE-2017-6353
net/sctp/socket.c in the Linux kernel up to and including 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: th...
Linux Linux Kernel
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »