Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
auditor vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-17607
CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail.
Cms Auditor Website Project Cms Auditor Website 1.0
1 EDB exploit
7.8
CVSSv3
CVE-2019-14969
Netwrix Auditor prior to 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\ and sub-folders. In addition, the service Netwrix.ADA.StorageAuditService (which writes to that directory) does not perform proper impersonation, and thus the target file ...
Netwrix Auditor
9.8
CVSSv3
CVE-2022-31199
Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by t...
Netwrix Auditor
6.1
CVSSv3
CVE-2021-31851
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor before 6.5.2 allows a remote unauthenticated malicious user to inject arbitrary web script or HTML via the profileNodeID request parameters. The malicious script is reflected unmodified into the Policy Audito...
Mcafee Policy Auditor
6.1
CVSSv3
CVE-2021-31852
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor before 6.5.2 allows a remote unauthenticated malicious user to inject arbitrary web script or HTML via the UID request parameter. The malicious script is reflected unmodified into the Policy Auditor web-based...
Mcafee Policy Auditor
7.5
CVSSv3
CVE-2017-9024
Secure Bytes Cisco Configuration Manager, as bundled in Secure Bytes Secure Cisco Auditor (SCA) 3.0, has a Directory Traversal issue in its TFTP Server, allowing malicious users to read arbitrary files via ../ sequences in a pathname.
Secure-bytes Secure Cisco Auditor 3.0
1 EDB exploit
6.1
CVSSv3
CVE-2018-13256
PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or firstname parameter.
Chartered Accountant \\ Auditor Website Project Chartered Accountant \\
5.4
CVSSv3
CVE-2018-20636
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field.
Chartered Accountant \\ Auditor Website Project Chartered Accountant \\
8.8
CVSSv3
CVE-2018-15186
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php.
Chartered Accountant \\ Auditor Website Project Chartered Accountant \\
5.4
CVSSv3
CVE-2019-7553
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has Stored XSS in the Profile Update page via the My Name field.
Chartered Accountant \\ Auditor Website Project Chartered Accountant \\
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »