Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vikas chaudhary vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-7438
cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices has XSS and HTML injection via the mask POST parameter.
Jio Jiofi 4g M2s Firmware 1.0.2
1 EDB exploit
6.1
CVSSv2
CVE-2019-7439
cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices allows a DoS (Hang) via the mask POST parameter.
Jio Jiofi 4g M2s Firmware 1.0.2
1 EDB exploit
4.3
CVSSv2
CVE-2019-7440
JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings (aka a SetWiFi_Setting request to cgi-bin/qcmap_web_cgi).
Jio Jiofi 4g M2s Firmware 1.0.2
1 EDB exploit
4
CVSSv2
CVE-2019-7441
cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.8 for WordPress allows Parameter Tampering in an amount parameter (such as amount_1), as demonstrated by purchasing an item for lower than the intended price. NOTE: The plugin author states it ...
Woocommerce Paypal Checkout Payment Gateway 1.6.8
1 EDB exploit
6.8
CVSSv2
CVE-2018-15181
JioFi 4G Hotspot M2S devices allow malicious users to cause a denial of service (secure configuration outage) via an XSS payload in the SSID name and Security Key fields.
Jio 4g Hotspot M2s Firmware -
1 EDB exploit
3.5
CVSSv2
CVE-2018-14082
PHP Scripts Mall JOB SITE (aka Job Portal) 3.0.1 has Cross-site Scripting (XSS) via the search bar.
Freelancewebdesignerchennai Job Portal 3.0.1
3.5
CVSSv2
CVE-2018-14541
PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields.
Readymadeb2bscript Basic B2b 2.0.0
4.3
CVSSv2
CVE-2018-13256
PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or firstname parameter.
Chartered Accountant \\ Auditor Website Project Chartered Accountant \\
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started