Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bypass vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-11094
An issue exists on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, passwo...
Intelbras Ncloud 300 Firmware 1.0
1 EDB exploit
NA
CVE-2008-5974
Multiple SQL injection vulnerabilities in login.aspx in Active Price Comparison 4.0 allow remote malicious users to execute arbitrary SQL commands via the (1) password and (2) username fields.
Activewebsoftwares Active Price Comparison 4.0
2 EDB exploits
NA
CVE-2011-1519
The remote console in the Server Controller in IBM Lotus Domino 7.x and 8.x verifies credentials against a file located at a UNC share pathname specified by the client, which allows remote malicious users to bypass authentication, and consequently execute arbitrary code, by placi...
Ibm Lotus Domino 7.0.2.3
Ibm Lotus Domino 7.0.3.1
Ibm Lotus Domino 7.0.4.1
Ibm Lotus Domino 7.0.4.2
Ibm Lotus Domino 7.0.1.1
Ibm Lotus Domino 7.0.2
Ibm Lotus Domino 7.0.1
Ibm Lotus Domino 7.0.2.1
Ibm Lotus Domino 7.0
Ibm Lotus Domino 7.0.2.2
Ibm Lotus Domino 7.0.3
Ibm Lotus Domino 7.0.4
Ibm Lotus Domino 8.5.1.3
Ibm Lotus Domino 8.0.1
Ibm Lotus Domino 8.5.1
Ibm Lotus Domino 8.5.2
Ibm Lotus Domino 8.5.3
Ibm Lotus Domino 8.0.2
Ibm Lotus Domino 8.0.2.6
Ibm Lotus Domino 8.0.2.3
Ibm Lotus Domino 8.5.1.4
Ibm Lotus Domino 8.5.1.1
1 EDB exploit
NA
CVE-2012-2388
The GMP Plugin in strongSwan 4.2.0 up to and including 4.6.3 allows remote malicious users to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
Strongswan Strongswan 4.2.16
Strongswan Strongswan 4.2.9
Strongswan Strongswan 4.2.6
Strongswan Strongswan 4.2.15
Strongswan Strongswan 4.2.1
Strongswan Strongswan 4.3.2
Strongswan Strongswan 4.6.0
Strongswan Strongswan 4.6.1
Strongswan Strongswan 4.4.1
Strongswan Strongswan 4.2.11
Strongswan Strongswan 4.2.10
Strongswan Strongswan 4.2.5
Strongswan Strongswan 4.2.0
Strongswan Strongswan 4.3.5
Strongswan Strongswan 4.4.0
Strongswan Strongswan 4.5.1
Strongswan Strongswan 4.5.0
Strongswan Strongswan 4.2.13
Strongswan Strongswan 4.2.12
Strongswan Strongswan 4.2.3
Strongswan Strongswan 4.2.4
Strongswan Strongswan 4.3.4
NA
CVE-2008-5632
SQL injection vulnerability in Account.asp in Active Time Billing 3.2 allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party informa...
Activewebsoftwares Active Time Billing 3.2
2 EDB exploits
9.8
CVSSv3
CVE-2017-14244
An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows malicious users to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi.
Iball Ib-wra150n Firmware Fw Ib-lr7011a 1.0.2
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2020-17506
Artica Web Proxy 4.30.00000000 allows remote malicious user to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php.
Articatech Web Proxy 4.30.000000
1 Github repository
6.1
CVSSv3
CVE-2012-1915
EllisLab CodeIgniter 2.1.2 allows remote malicious users to bypass the xss_clean() Filter and perform XSS attacks.
Codeigniter Codeigniter
1 EDB exploit
9.8
CVSSv3
CVE-2018-8898
A flaw in the authentication mechanism in the Login Panel of router D-Link DSL-3782 (A1_WI_20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT_77616E6771696F6E67") allows unauthenticated malicious users to perform arbitrary modification (r...
Dlink Dsl-3782 Firmware 3.10.0.24
1 EDB exploit
NA
CVE-2013-0397
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote malicious users to affect confidentiality and integrity via unknown vectors related to Diagnostics.
Oracle E-business Suite 12.0.6
Oracle E-business Suite 12.1.3
Oracle E-business Suite 11.5.10.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »