Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samrat das vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-14523
WonderCMS 2.3.1 is vulnerable to an HTTP Host header injection attack. It uses user-entered values to redirect pages. NOTE: the vendor reports that exploitation is unlikely because the attack can only come from a local machine or from the administrator as a self attack
Wondercms Wondercms 2.3.1
1 EDB exploit
6.8
CVSSv2
CVE-2018-7176
FrontAccounting 2.4.3 suffers from a CSRF flaw, which leads to adding a user account via admin/users.php (aka the "add user" feature of the User Permissions page).
Frontaccounting Frontaccounting 2.4.3
1 EDB exploit
6.8
CVSSv2
CVE-2018-8908
An issue exists in /admin/?/user/add in Frog CMS 0.9.5. The application's add user functionality suffers from CSRF. A malicious user can craft an HTML page and use it to trick a victim into clicking on it; once executed, a malicious user will be created with admin privileges...
Frog Cms Project Frog Cms 0.9.5
1 EDB exploit
6.5
CVSSv2
CVE-2017-14521
In WonderCMS 2.3.1, the upload functionality accepts random application extensions and leads to malicious File Upload.
Wondercms Wondercms 2.3.0
Wondercms Wondercms 2.3.1
1 EDB exploit
4.3
CVSSv2
CVE-2018-7198
October CMS up to and including 1.0.431 allows XSS by entering HTML on the Add Posts page.
Octobercms October
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started