Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
site server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-23642
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions before 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileg...
NA
CVE-2024-23643
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions before 2.23.2 and 2.24.1 that enables an authenticated administrator with workspace-level privileg...
NA
CVE-2024-23640
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions before 2.23.3 and 2.24.0 that enables an authenticated administrator with workspace-level privileg...
NA
CVE-2023-51445
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions before 2.23.3 and 2.24.0 that enables an authenticated administrator with workspace-level privileg...
NA
CVE-2024-24827
Discourse is an open source platform for community discussion. Without a rate limit on the POST /uploads endpoint, it makes it easier for an malicious user to carry out a DoS attack on the server since creating an upload can be a resource intensive process. Do note that the impac...
NA
CVE-2024-2445
Mattermost Jira plugin versions shipped with Mattermost versions 8.1.x prior to 8.1.10, 9.2.x prior to 9.2.6, 9.3.x prior to 9.3.2, and 9.4.x prior to 9.4.3 fail to escape user-controlled outputs when generating HTML pages, which allows an malicious user to perform reflected cros...
NA
CVE-2024-1883
This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server. An attacker can exploit this weakness by crafting a malicious URL that contains a script. When an unsuspecting user clicks on this malicious link, it could potentially lead to limited...
NA
CVE-2024-28251
Querybook is a Big Data Querying UI, combining collocated table metadata and a simple notebook interface. Querybook's datadocs functionality works by using a Websocket Server. The client talks to this WSS whenever updating/deleting/reading any cells as well as for watching t...
NA
CVE-2023-49785
NextChat, also known as ChatGPT-Next-Web, is a cross-platform chat user interface for use with ChatGPT. Versions 2.11.2 and prior are vulnerable to server-side request forgery and cross-site scripting. This vulnerability enables read access to internal HTTP endpoints but also wri...
NA
CVE-2023-5451
Forcepoint NGFW Security Management Center Management Server has SMC Downloads optional feature to offer standalone Management Client downloads and ECA configuration downloads. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerab...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »