Vulmon
st vulnerabilities and exploits
6.1
CVSSv3
CVE-2023-39314
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Teplitsa of social technologies Leyka plugin <= 3.30.2 versions.
Te-st Leyka
6.1
CVSSv3
CVE-2023-33325
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Teplitsa of social technologies Leyka plugin <= 3.30.1 versions.
Te-st Leyka
6.1
CVSSv3
CVE-2023-27450
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Teplitsa of social technologies Leyka plugin <= 3.29.2 versions.
Te-st Leyka
4.8
CVSSv3
CVE-2023-2995
The Leyka WordPress plugin prior to 3.30.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup...
Te-st Leyka
NA
CVE-2003-0392
Directory traversal vulnerability in ST FTP Service 3.0 allows remote malicious users to list arbitrary directories via a CD command with a DoS drive letter argument (e.g. E:).
St Ftp Service 3.0
NA
CVE-2008-0683
SQL injection vulnerability in shiftthis-preview.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the newsletter parameter.
Wordpress St Newsletter Plugin
1 EDB exploit
8.8
CVSSv3
CVE-2021-24487
The St-Daily-Tip WordPress plugin up to and including 4.7 does not have any CSRF check in place when saving its 'Default Text to Display if no tips' setting, and was also lacking sanitisation as well as escaping before outputting it in the page. This could allow malicious ...
Sanskruti St-daily-tip
NA
CVE-2009-1799
Multiple SQL injection vulnerabilities in the getGalleryImage function in st_admin/gallery_output.php in ST-Gallery 0.1 alpha, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) gallery_category or (2) gallery_show parame...
Sebastian-thiele St-gallery 0.1 Alpha
1 EDB exploit
9.8
CVSSv3
CVE-2021-42553
A buffer overflow vulnerability in stm32_mw_usb_host of STMicroelectronics in versions prior to 3.5.1 allows a malicious user to execute arbitrary code when the descriptor contains more endpoints than USBH_MAX_NUM_ENDPOINTS. The library is typically integrated when using a RTOS ...
St Stm32 Mw Usb Host -
1 Github repository
7.5
CVSSv3
CVE-2023-50096
STMicroelectronics STSAFE-A1xx middleware prior to 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. This is caused by an StSafeA_ReceiveBytes buffer overflow in the X-CUBE-SAFEA1 Software Package for STSAFE-A sample applicatio...
St X-cube-safea1 1.2.0