Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
service provider vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-43457
An issue in Service Provider Management System v.1.0 allows a remote malicious user to gain privileges via the ID parameter in the /php-spms/admin/?page=user/ endpoint.
Oretnom23 Service Provider Management System 1.0
NA
CVE-2023-43456
Cross Site Scripting vulnerability in Service Provider Management System v.1.0 allows a remote malicious user to execute arbitrary code and obtain sensitive information via the firstname, middlename and lastname parameters in the /php-spms/admin/?page=user endpoint.
Oretnom23 Service Provider Management System 1.0
NA
CVE-2023-41890
Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider. Prior to versions 1.0.3 and 2.9.2, when a response is processed, the issuer of the Identity Provider is not sufficiently validated. This could allow a mali...
Sustainsys Saml2
NA
CVE-2023-4807
Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions. Impact summary: If in an a...
Openssl Openssl
NA
CVE-2023-3644
A vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=save_inquiry. The manipulation of the argument id leads to sql injection. The attack can...
Oretnom23 Service Provider Management System 1.0
NA
CVE-2023-36661
Shibboleth XMLTooling prior to 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)
Shibboleth Xmltooling
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-26062
A mobile network solution internal fault is found in Nokia Web Element Manager prior to 22 R1, in which an authenticated, unprivileged user can execute administrative functions. Exploitation is not possible from outside of mobile network solution architecture. This means that exp...
Nokia Web Element Manager
NA
CVE-2023-34581
Sourcecodester Service Provider Management System v1.0 is vulnerable to SQL Injection via the ID parameter in /php-spms/?page=services/view&id=2
Oretnom23 Service Provider Management System 1.0
NA
CVE-2023-3120
A vulnerability, which was classified as critical, was found in SourceCodester Service Provider Management System 1.0. This affects an unknown part of the file view_service.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remo...
Oretnom23 Service Provider Management System 1.0
NA
CVE-2023-3119
A vulnerability, which was classified as critical, has been found in SourceCodester Service Provider Management System 1.0. Affected by this issue is some unknown functionality of the file view.php. The manipulation of the argument id leads to sql injection. The attack may be lau...
Oretnom23 Service Provider Management System 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »