Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
set user project set user vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-41558
The set_user extension module prior to 3.0.0 for PostgreSQL allows ProcessUtility_hook bypass via set_config.
Set User Project Set User
9.8
CVSSv3
CVE-2021-38140
The set_user extension module prior to 2.0.1 for PostgreSQL allows a potential privilege escalation using RESET SESSION AUTHORIZATION after set_user().
Set User Project Set User
6.5
CVSSv3
CVE-2022-1790
The New User Email Set Up WordPress plugin up to and including 0.5.2 does not have CSRF check in place when updating its settings, which could allow malicious users to make a logged in admin change them via a CSRF attack
New User Email Set Up Project New User Email Set Up
9.8
CVSSv3
CVE-2021-23440
This affects the package set-value before <2.0.1, >=3.0.0 <4.0.1. A type confusion vulnerability can lead to a bypass of CVE-2019-10747 when the user-provided keys used in the path parameter are arrays.
Set-value Project Set-value
Oracle Communications Cloud Native Core Policy 1.14.0
NA
CVE-2008-0960
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x prior to 5.2.4.1, 5.3.x prior to 5.3.2.1, and 5.4.x prior to 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 up to and including 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3R...
Juniper Session And Resource Control 2.0
Juniper Src Pe 1.0
Juniper Session And Resource Control 1.0
Juniper Src Pe 2.0
1 EDB exploit
5.5
CVSSv3
CVE-2015-8326
The IPTables-Parse module prior to 1.6 for Perl allows local users to write to arbitrary files owned by the current user.
Iptables-parse Project Iptables-parse Module 0.6
Iptables-parse Project Iptables-parse Module 0.5
Iptables-parse Project Iptables-parse Module 1.3.1
Iptables-parse Project Iptables-parse Module 1.3
Iptables-parse Project Iptables-parse Module 0.8
Iptables-parse Project Iptables-parse Module 1.0
Iptables-parse Project Iptables-parse Module 1.4
Iptables-parse Project Iptables-parse Module 1.6.1
Iptables-parse Project Iptables-parse Module 0.9
Iptables-parse Project Iptables-parse Module 0.7
Iptables-parse Project Iptables-parse Module 1.1
Iptables-parse Project Iptables-parse Module 1.5
Iptables-parse Project Iptables-parse Module 1.6
NA
CVE-2013-4509
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and previous versions, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate malicious users to obtain a user password by re...
Ibus Project Ibus 1.5.4
Ibus Project Ibus
Opensuse Opensuse 13.1
NA
CVE-2011-4074
Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1.2.x prior to 1.2.2 allows remote malicious users to inject arbitrary web script or HTML via an _debug command.
Phpldapadmin Project Phpldapadmin 1.2.0
Phpldapadmin Project Phpldapadmin 1.2.0.1
Phpldapadmin Project Phpldapadmin 1.2.0.2
Phpldapadmin Project Phpldapadmin 1.2.0.3
Phpldapadmin Project Phpldapadmin 1.2.0.4
Phpldapadmin Project Phpldapadmin 1.2.0.5
Phpldapadmin Project Phpldapadmin 1.2.1
Phpldapadmin Project Phpldapadmin 1.2.1.1
1 EDB exploit
NA
CVE-2011-4075
The masort function in lib/functions.php in phpLDAPadmin 1.2.x prior to 1.2.2 allows remote malicious users to execute arbitrary PHP code via the orderby parameter (aka sortby variable) in a query_engine action to cmd.php, as exploited in the wild in October 2011.
Phpldapadmin Project Phpldapadmin 1.2.0
Phpldapadmin Project Phpldapadmin 1.2.0.1
Phpldapadmin Project Phpldapadmin 1.2.0.2
Phpldapadmin Project Phpldapadmin 1.2.0.3
Phpldapadmin Project Phpldapadmin 1.2.0.4
Phpldapadmin Project Phpldapadmin 1.2.0.5
Phpldapadmin Project Phpldapadmin 1.2.1
Phpldapadmin Project Phpldapadmin 1.2.1.1
2 EDB exploits
NA
CVE-2007-6330
Meridian Prolog Manager 2007, and 7.5 and previous versions, sends all usernames and passwords to the client in a (1) cleartext or (2) weakly encrypted format to support client-side login authentication, which makes it easier for remote malicious users to obtain database access b...
Meridian Software Prolog Manager 7.0
Meridian Software Prolog Manager 7.5
Meridian Software Prolog Manager 2007
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »