Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metin yunus kandemir vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-24263
Hospital Management System v4.0 exists to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter.
Phpgurukul Hospital Management System 4.0
6.1
CVSSv3
CVE-2019-16197
In htdocs/societe/card.php in Dolibarr 10.0.1, the value of the User-Agent HTTP header is copied into the HTML document as plain text between tags, leading to XSS.
Dolibarr Dolibarr Erp\\/crm 10.0.1
1 EDB exploit
8.8
CVSSv3
CVE-2020-15046
The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 allows remote malicious users to exploit a cgi/config_user.cgi CSRF issue to add new admin users. The fixed versions are BIOS 3.2 and firmware 03.88.
Supermicro X10drh-it Bios 2.0a
Supermicro X10drh-it Firmware 3.40
6.1
CVSSv3
CVE-2019-14427
XSS exists in WEB STUDIO Ultimate Loan Manager 2.0 by adding a branch under the Branches button that sets the notes parameter with crafted JavaScript code.
Webstudio Ultimate Loan Manager 2.0
6.5
CVSSv3
CVE-2023-31492
Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
8.8
CVSSv3
CVE-2022-29457
Zoho ManageEngine ADSelfService Plus prior to 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.
Zohocorp Manageengine Adselfservice Plus 6.1
Zohocorp Manageengine Adselfservice Plus
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Adaudit Plus 7.0.0
Zohocorp Manageengine Adaudit Plus
Zohocorp Manageengine Exchange Reporter Plus 5.7
Zohocorp Manageengine Exchange Reporter Plus
6.1
CVSSv3
CVE-2019-13346
In MyT 1.5.1, the User[username] parameter has XSS.
Myt Project Myt 1.5.1
1 EDB exploit
7.8
CVSSv3
CVE-2019-11354
The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplicati...
Ea Origin 10.5.36
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started