Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bypass vulnerabilities and exploits
(subscribe to this query)
645
VMScore
CVE-2013-0397
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote malicious users to affect confidentiality and integrity via unknown vectors related to Diagnostics.
Oracle E-business Suite 12.0.6
Oracle E-business Suite 11.5.10.2
Oracle E-business Suite 12.1.3
1 EDB exploit
435
VMScore
CVE-2012-1915
EllisLab CodeIgniter 2.1.2 allows remote malicious users to bypass the xss_clean() Filter and perform XSS attacks.
Codeigniter Codeigniter
1 EDB exploit
668
VMScore
CVE-2012-2388
The GMP Plugin in strongSwan 4.2.0 up to and including 4.6.3 allows remote malicious users to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
Strongswan Strongswan 4.2.6
Strongswan Strongswan 4.2.12
Strongswan Strongswan 4.2.10
Strongswan Strongswan 4.2.16
Strongswan Strongswan 4.5.3
Strongswan Strongswan 4.5.2
Strongswan Strongswan 4.4.0
Strongswan Strongswan 4.2.9
Strongswan Strongswan 4.5.1
Strongswan Strongswan 4.2.14
Strongswan Strongswan 4.3.5
Strongswan Strongswan 4.2.3
Strongswan Strongswan 4.3.2
Strongswan Strongswan 4.2.5
Strongswan Strongswan 4.2.8
Strongswan Strongswan 4.3.3
Strongswan Strongswan 4.6.2
Strongswan Strongswan 4.2.0
Strongswan Strongswan 4.2.1
Strongswan Strongswan 4.2.13
Strongswan Strongswan 4.3.0
Strongswan Strongswan 4.6.1
760
VMScore
CVE-2008-5974
Multiple SQL injection vulnerabilities in login.aspx in Active Price Comparison 4.0 allow remote malicious users to execute arbitrary SQL commands via the (1) password and (2) username fields.
Activewebsoftwares Active Price Comparison 4.0
2 EDB exploits
1000
VMScore
CVE-2017-14244
An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows malicious users to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi.
Iball Ib-wra150n Firmware Fw Ib-lr7011a 1.0.2
1 EDB exploit
1 Github repository
755
VMScore
CVE-2012-5469
The Portable phpMyAdmin plugin prior to 1.3.1 for WordPress allows remote malicious users to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.
Phpmyadmin Phpmyadmin 1.0.0
Phpmyadmin Phpmyadmin 1.0.1
Phpmyadmin Phpmyadmin 1.0.2
Phpmyadmin Phpmyadmin 1.0.3
Phpmyadmin Phpmyadmin 1.0.4
Phpmyadmin Phpmyadmin 1.0.5
Phpmyadmin Phpmyadmin 1.0.6
Phpmyadmin Phpmyadmin 1.0.7
Phpmyadmin Phpmyadmin 1.0.8
Phpmyadmin Phpmyadmin 1.1
Phpmyadmin Phpmyadmin 1.2
Phpmyadmin Phpmyadmin 1.2.1
Phpmyadmin Phpmyadmin 1.2.2
Phpmyadmin Phpmyadmin 1.2.3
Phpmyadmin Phpmyadmin 1.2.4
Phpmyadmin Phpmyadmin 1.2.5
Phpmyadmin Phpmyadmin 1.2.6
Phpmyadmin Phpmyadmin 1.2.7
Phpmyadmin Phpmyadmin 1.2.8
Phpmyadmin Phpmyadmin 1.2.9
Phpmyadmin Phpmyadmin 1.2.9.1
Phpmyadmin Phpmyadmin 1.2.9.2
1 EDB exploit
755
VMScore
CVE-2016-8371
The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled.
Phoenixcontact Ilc Plcs Firmware -
1 EDB exploit
755
VMScore
CVE-2016-8380
The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication.
Phoenixcontact Ilc Plcs Firmware -
1 EDB exploit
510
VMScore
CVE-2014-8493
ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote malicious users to modify the CWMP configuration via a crafted request to Forms/access_cwmp_1.
Zte Zxhn H108l Firmware 4.0.0d Zrq Gr4
2 EDB exploits
755
VMScore
CVE-2018-8898
A flaw in the authentication mechanism in the Login Panel of router D-Link DSL-3782 (A1_WI_20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT_77616E6771696F6E67") allows unauthenticated malicious users to perform arbitrary modification (r...
Dlink Dsl-3782 Firmware 3.10.0.24
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »