Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

momen eldawakhly vulnerabilities and exploits

(subscribe to this query)
7.5
CVSSv3
CVE-2021-46381
Local File Inclusion due to path traversal in D-Link DAP-1620 leads to unauthorized internal files reading [/etc/passwd] and [/etc/shadow].
Dlink Dap-1620 Firmware -
6.1
CVSSv3
CVE-2021-46387
ZyXEL ZyWALL 2 Plus Internet Security Appliance is affected by Cross Site Scripting (XSS). Insecure URI handling leads to bypass security restriction to achieve Cross Site Scripting, which allows an attacker able to execute arbitrary JavaScript codes to perform multiple attacks s...
Zyxel Zywall 2 Plus Internet Security Appliance Firmware -
NA
CVE-2021-46388
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: Reason: The issue is not a vulnerability (fails CNT2) - Has no impact on availability, integrity or confidence as only documented html templates are shown without additional data or the option to store changes. Notes
8.1
CVSSv3
CVE-2021-46416
Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to unauthorized user groups accessing due to insecure cookie handling.
Sma Sunny Tripower Firmware 3.10.16.r
7.5
CVSSv3
CVE-2021-46417
Insecure handling of a download function leads to disclosure of internal files due to path traversal with root privileges in Franklin Fueling Systems Colibri Controller Module 1.8.19.8580.
Franklinfueling Colibri Firmware 1.8.19.8580
9.1
CVSSv3
CVE-2021-46419
An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow deletion of system files and scripts.
Telesquare Tlr-2855ks6 Firmware -
7.5
CVSSv3
CVE-2022-30286
pyscriptjs (aka PyScript Demonstrator) in PyScript through 2022-05-04 allows a remote user to read Python source code.
Pyscript Pyscript
6.1
CVSSv3
CVE-2021-45425
Reflected Cross Site Scripting (XSS) in SAFARI Montage versions 8.3 and 8.5 allows remote malicious users to execute JavaScript codes.
Safarimontage Safari Montage 8.3Safarimontage Safari Montage 8.5
7.5
CVSSv3
CVE-2021-46418
An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow creation of CGI scripts.
Telesquare Tlr-2855ks6 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook