Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
omni vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-33188
Omni-notes is an open source note-taking application for Android. The Omni-notes Android app had an insufficient path validation vulnerability when displaying the details of a note received through an externally-provided intent. The paths of the note's attachments were not p...
Omninotes Omni Notes
9.8
CVSSv3
CVE-2022-40766
Modern Campus Omni CMS (formerly OU Campus) 10.2.4 allows login-page SQL injection via a '" OR 1 = 1 -- - , <?php' substring.
Moderncampus Omni Cms 10.2.4
7.8
CVSSv3
CVE-2019-11117
Improper permissions in the installer for Intel(R) Omni-Path Fabric Manager GUI before version 10.9.2.1.1 may allow an authenticated user to potentially enable escalation of privilege via local attack.
Intel Omni-path Fabric Manager Gui
NA
CVE-2006-5792
Unspecified vulnerability in XLink Omni-NFS Enterprise allows remote malicious users to execute arbitrary code via unspecified vectors, as demonstrated by vd_xlink2.pm, an "Omni-NFS Enterprise remote exploit." NOTE: this is probably a different vulnerability than CVE-20...
Xlink Technology Omni-nfs X Enterprise
2 EDB exploits
NA
CVE-2006-5780
Stack-based buffer overflow in nfsd.exe in XLink Omni-NFS Server 5.2 allows remote malicious users to execute arbitrary code via a crafted TCP packet to port 2049 (nfsd), as demonstrated by vd_xlink.pm.
Xlink Technology Omni-nfs Server 5.2
2 EDB exploits
NA
CVE-1999-1349
NFS daemon (nfsd.exe) for Omni-NFS/X 6.1 allows remote malicious users to cause a denial of service (resource exhaustion) via certain packets, possibly with the Urgent (URG) flag set, to port 111.
Xlink Technology Omni-nfs X Enterprise 6.1
6.5
CVSSv3
CVE-2021-30173
Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file.
8.6
CVSSv3
CVE-2018-2463
The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions 6.*, is vulnerable to server-side request forgery (SSRF) attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC.
Sap Hybris
NA
CVE-2007-1432
Grayscale Blog 0.8.0, and possibly earlier versions, allows remote malicious users to gain privileges via direct requests with modified arguments in (1) the user_permissions parameter to add_users.php, and unspecified parameters to (2) addblog.php, (3) editblog.php, (4) editlinks...
Grayscale Grayscale Blog
1 EDB exploit
NA
CVE-2007-2007
admin.php in pL-PHP beta 0.9 allows remote malicious users to bypass authentication by setting the is_admin parameter to 1.
Pl-php Pl-php 0.9 Beta
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »