Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ryan delaney vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-240341
Sagemcom F@ST 5280 routers using firmware version 1.150.61, and possibly others, have an insecure deserialization vulnerability that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sess_id, nonce, and ha1 values in...
6.1
CVSSv3
CVE-2019-12783
An issue exists in Verint Impact 360 15.1. At wfo/control/signin, the rd parameter can accept a URL, to which users will be redirected after a successful login. In conjunction with CVE-2019-12784, this can be used by malicious users to "crowdsource" bruteforce login att...
Verint Impact 360 15.1
8.8
CVSSv3
CVE-2019-12784
An issue exists in Verint Impact 360 15.1. At wfo/control/signin, the login form can accept submissions from external websites. In conjunction with CVE-2019-12783, this can be used by malicious users to "crowdsource" bruteforce login attempts on the target site, allowin...
Verint Impact 360 15.1
NA
CVE-2019-127731
Verint Impact 360 version 15.1 has an issue where the helpURL parameter in wfo/help/help_popup.jsp can be changed to embed arbitrary content inside of an iFrame. Attackers may use this in conjunction with social engineering to embed malicious scripts or phishing pages on a site w...
NA
CVE-2019-127831
Verint Impact 360 version 15.1 suffers from an open redirection vulnerability.
NA
CVE-2019-127841
Verint Impact 360 version 15.1 suffers from a cross site request forgery vulnerability.
NA
CVE-2019-95551
Sagemcom F@st 5260 routers on firmware version 0.4.39 (and possibly others), in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small.
NA
CVE-2018-192901
Budabot versions 0.6 through 4.0 suffer from a denial of service vulnerability.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started