Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web studio vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2019-1234567
HelloWeb 🚀本文档面向初次踏入 The Web World 的新生,希望为你们提供一个可供参考的学习路线。 ✨该文档最早公开于 ma5hr00m/HelloWeb,计划用于 Vidar-Team2024 届招新。 0x00 前言 Web 安全与 Web 开发往往是绑定在一起的,所以本文档会同时介绍 安全&开发,还会有一些零零散散的其他想要告诉新生的东西,所以内容会略多,希望多点耐心看完。 在开始之前,你们需要准备一些东西,要求不高,相信大家都有: 🧠能独立思考的大脑 💻可以使用的电脑 🔮流畅的网络 ❤️积极好学的心 此...
1 Github repository
NA
CVE-2024-3005
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's LaStudioKit Post Author widget in all versions up to, and including, 1.3.7.5 due to insufficient input sanitization and output escaping on user supplied...
NA
CVE-2024-31344
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Phpbits Creative Studio Easy Login Styler – White Label Admin Login Page for WordPress allows Stored XSS.This issue affects Easy Login Styler – White Label ...
NA
CVE-2024-2249
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LinkWrapper attribute found in several widgets in all versions up to, and including, 1.3.7.4 due to insufficient input sanitization and output escaping the user suppl...
NA
CVE-2023-6132
The vulnerability, if exploited, could allow a malicious entity with access to the file system to achieve arbitrary code execution and privilege escalation by tricking AVEVA Edge to load an unsafe DLL.
NA
CVE-2023-47116
Label Studio is a popular open source data labeling tool. The vulnerability affects all versions of Label Studio before 1.11.0 and was tested on version 1.8.2. Label Studio's SSRF protections that can be enabled by setting the `SSRF_PROTECTION_ENABLED` environment variable c...
Humansignal Label Studio
NA
CVE-2024-23633
Label Studio, an open source data labeling tool had a remote import feature allowed users to import data from a remote web source, that was downloaded and could be viewed on the website. Prior to version 1.10.1, this feature could had been abused to download a HTML file that exec...
Humansignal Label Studio
NA
CVE-2021-42797
Path traversal vulnerability in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB resources.
Aveva Edge 2020
Aveva Edge
NA
CVE-2021-42796
An issue exists in ExecuteCommand() in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior that allows unauthenticated arbitrary commands to be executed.
Aveva Edge 2020
Aveva Edge
NA
CVE-2021-42794
An issue exists in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior. The application allows a client to provide a malicious connection string that could allow an adversary to port scan the LAN, depending on the hosts' responses.
Aveva Edge 2020
Aveva Edge
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »