Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

jens regel vulnerabilities and exploits

(subscribe to this query)
6.5
CVSSv3
CVE-2017-15359
In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInfo?file=" are the vulnerable parameters. An attacker must be a...
3cx 3cx 15.5.3554.1
7.5
CVSSv3
CVE-2017-7240
An issue exists on Miele Professional PST10 devices. The corresponding embedded webserver "PST10 WebServer" typically listens to port 80 and is prone to a directory traversal attack; therefore, an unauthenticated attacker may be able to exploit this issue to access sens...
Miele Professional Pst10 Webserver -
7.5
CVSSv3
CVE-2022-23854
AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server.
Aveva Intouch Access Anywhere 2020Aveva Intouch Access Anywhere
9.8
CVSSv3
CVE-2018-10197
There is a time-based blind SQL injection vulnerability in the Access Manager component prior to 9.18.040 and 10.x prior to 10.18.040 in ELO ELOenterprise 9 and 10 and ELOprofessional 9 and 10 that makes it possible to read all database content. The vulnerability exists in the ti...
Elo Access Manager
7.5
CVSSv3
CVE-2019-11880
CommSy up to and including 8.6.5 has SQL Injection via the cid parameter. This is fixed in 9.2.
Commsy Commsy
NA
CVE-2013-4007
Cross-site scripting (XSS) vulnerability in adv_sw.php in the Advanced Management Module (AMM) with firmware BBET before BBET64G and BPET before BPET64G for IBM BladeCenter systems allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Advanced Management Module 2.50Ibm Advanced Management Module 1.28Ibm Advanced Management Module 1.26Ibm Advanced Management Module 1.42Ibm Advanced Management Module 1.36Ibm Advanced Management Module 1.01Ibm Advanced Management Module 2.46Ibm Advanced Management Module 1.34Ibm Advanced Management Module 1.32Ibm Advanced Management Module 2.48Ibm Advanced Management Module 3.54Ibm Advanced Management Module 1.25Ibm Advanced Management ModuleIbm Advanced Management Module 1.20Ibm Advanced Management Module 1.00
7.8
CVSSv3
CVE-2020-12608
An issue exists in SolarWinds MSP PME (Patch Management Engine) Cache Service prior to 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds MSP\SolarWinds.MSP.CacheService\config\. This can lead to code execution by changing th...
Solarwinds Managed Service Provider Patch Management Engine
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypassopen redirectCVE-2024-4358CVE-2024-24199CVE-2024-5550CVE-2024-5305CVE-2024-30373CVE-2024-1800deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook