Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unauthorized vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2006-2280
Directory traversal vulnerability in website.php in openEngine 1.8 Beta 2 and previous versions allows remote malicious users to list arbitrary directories and read arbitrary files via a .. (dot dot) in the template parameter.
Openengine Openengine 1.8 Beta2
Openengine Openengine 1.7.1
1 EDB exploit
465
VMScore
CVE-2003-1169
DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle.
Datev Nutzungskontrolle 2.2
Datev Nutzungskontrolle 2.1
1 EDB exploit
NA
CVE-2022-20861
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote malicious user to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the D...
Cisco Nexus Dashboard
755
VMScore
CVE-2002-0589
PVote prior to 1.9 allows remote malicious users to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password.
Steve Korbett Pvote 1.0
Steve Korbett Pvote 1.0b
Steve Korbett Pvote 1.5
Steve Korbett Pvote 1.0a
1 EDB exploit
505
VMScore
CVE-2002-2169
Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote malicious users to conduct unauthorized activities, such as adding buddies and groups to a user's buddy list, via a URL with a META HTTP-EQUIV="refresh" t...
Aol Instant Messenger 4.5
Aol Instant Messenger 4.7
Aol Instant Messenger 4.7.2480
1 EDB exploit
755
VMScore
CVE-2006-1213
JiRo's Banner System Experience and Professional 1.0 and previous versions allows remote malicious users to bypass access restrictions and gain privileges via a direct request to certain scripts in the files directory, as demonstrated by using addadmin.asp to create a new ad...
Jiro Banner System 1.0 Professional
Jiro Banner System 1.0 Experience
1 EDB exploit
890
VMScore
CVE-2017-6713
A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote malicious user to gain full access to the affected system. The vulnerability is due to static, default credentials for the Cisco ESC UI that are shared between ...
Cisco Elastic Services Controller 1.1.0
Cisco Elastic Services Controller 2.0
Cisco Elastic Services Controller 2.3.0
Cisco Elastic Services Controller 2.2.0
Cisco Elastic Services Controller 1.0.0
Cisco Elastic Services Controller 2.1.0
725
VMScore
CVE-2003-1358
rs.F300 for HP-UX 10.0 up to and including 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.
Hp Hp-ux 10.30
Hp Hp-ux 11.11
Hp Hp-ux 10.01
Hp Hp-ux 10.00
Hp Hp-ux 10.26
Hp Hp-ux 11.04
Hp Hp-ux 10.34
Hp Hp-ux 11.00
Hp Hp-ux 11.0.4
Hp Hp-ux 10.24
Hp Hp-ux 11.22
Hp Hp-ux 10.08
Hp Hp-ux 10.20
Hp Hp-ux 10.09
Hp Hp-ux 11.20
Hp Hp-ux 10.10
Hp Hp-ux 10.16
1 EDB exploit
645
VMScore
CVE-2001-0283
Directory traversal vulnerability in SunFTP build 9 allows remote malicious users to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT.
Sun Sun Ftp Build 9
1 EDB exploit
505
VMScore
CVE-2007-6056
frame.html in Aida-Web (Aida Web) allows remote malicious users to bypass a protection mechanism and obtain comment and task details via modified values to the (1) Mehr and (2) SUPER parameters.
Aida-orga Aida-web
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »