Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jens regel vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-15359
In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInfo?file=" are the vulnerable parameters. An attacker must be a...
3cx 3cx 15.5.3554.1
1 EDB exploit
7.5
CVSSv3
CVE-2017-7240
An issue exists on Miele Professional PST10 devices. The corresponding embedded webserver "PST10 WebServer" typically listens to port 80 and is prone to a directory traversal attack; therefore, an unauthenticated attacker may be able to exploit this issue to access sens...
Miele Professional Pst10 Webserver -
1 EDB exploit
2 Articles
7.5
CVSSv3
CVE-2022-23854
AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server.
Aveva Intouch Access Anywhere 2020
Aveva Intouch Access Anywhere
1 EDB exploit
9.8
CVSSv3
CVE-2018-10197
There is a time-based blind SQL injection vulnerability in the Access Manager component prior to 9.18.040 and 10.x prior to 10.18.040 in ELO ELOenterprise 9 and 10 and ELOprofessional 9 and 10 that makes it possible to read all database content. The vulnerability exists in the ti...
Elo Access Manager
7.5
CVSSv3
CVE-2019-11880
CommSy up to and including 8.6.5 has SQL Injection via the cid parameter. This is fixed in 9.2.
Commsy Commsy
NA
CVE-2013-4007
Cross-site scripting (XSS) vulnerability in adv_sw.php in the Advanced Management Module (AMM) with firmware BBET before BBET64G and BPET before BPET64G for IBM BladeCenter systems allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Advanced Management Module 2.50
Ibm Advanced Management Module 1.28
Ibm Advanced Management Module 1.26
Ibm Advanced Management Module 1.42
Ibm Advanced Management Module 1.36
Ibm Advanced Management Module 1.01
Ibm Advanced Management Module 2.46
Ibm Advanced Management Module 1.34
Ibm Advanced Management Module 1.32
Ibm Advanced Management Module 2.48
Ibm Advanced Management Module 3.54
Ibm Advanced Management Module 1.25
Ibm Advanced Management Module
Ibm Advanced Management Module 1.20
Ibm Advanced Management Module 1.00
7.8
CVSSv3
CVE-2020-12608
An issue exists in SolarWinds MSP PME (Patch Management Engine) Cache Service prior to 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds MSP\SolarWinds.MSP.CacheService\config\. This can lead to code execution by changing th...
Solarwinds Managed Service Provider Patch Management Engine
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started