Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vikas chaudhary vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv2
CVE-2019-7439
cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices allows a DoS (Hang) via the mask POST parameter.
Jio Jiofi 4g M2s Firmware 1.0.2
1 EDB exploit
4.3
CVSSv2
CVE-2019-7440
JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings (aka a SetWiFi_Setting request to cgi-bin/qcmap_web_cgi).
Jio Jiofi 4g M2s Firmware 1.0.2
1 EDB exploit
4
CVSSv2
CVE-2019-7441
cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.8 for WordPress allows Parameter Tampering in an amount parameter (such as amount_1), as demonstrated by purchasing an item for lower than the intended price. NOTE: The plugin author states it ...
Woocommerce Paypal Checkout Payment Gateway 1.6.8
1 EDB exploit
4.3
CVSSv2
CVE-2019-7438
cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices has XSS and HTML injection via the mask POST parameter.
Jio Jiofi 4g M2s Firmware 1.0.2
1 EDB exploit
6.8
CVSSv2
CVE-2018-15181
JioFi 4G Hotspot M2S devices allow malicious users to cause a denial of service (secure configuration outage) via an XSS payload in the SSID name and Security Key fields.
Jio 4g Hotspot M2s Firmware -
1 EDB exploit
3.5
CVSSv2
CVE-2018-14541
PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields.
Readymadeb2bscript Basic B2b 2.0.0
4.3
CVSSv2
CVE-2018-13256
PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or firstname parameter.
Chartered Accountant \\ Auditor Website Project Chartered Accountant \\
3.5
CVSSv2
CVE-2018-14082
PHP Scripts Mall JOB SITE (aka Job Portal) 3.0.1 has Cross-site Scripting (XSS) via the search bar.
Freelancewebdesignerchennai Job Portal 3.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started