Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dw. vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-34534
Digital Watchdog DW Spectrum Server 4.2.0.32842 allows malicious users to access sensitive infromation via a crafted API call.
Dw Spectrum Server Firmware 4.2.0.32842
NA
CVE-2022-34535
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows unauthenticated malicious users to view internal paths and scripts via web files.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2022-34536
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows malicious users to access the core log file and perform session hijacking via a crafted session token.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2022-34540
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 exists to contain a command injection vulnerability in the component /admin/vca/license/license_tok.cgi. This vulnerability is exploitable via a crafted POST request.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2022-34539
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 exists to contain a command injection vulnerability in the component /admin/curltest.cgi. This vulnerability is exploitable via a crafted POST request.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2022-34537
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 exists to contain a cross-site scripting (XSS) vulnerability via the component bia_oneshot.cgi.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2022-34538
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 exists to contain a command injection vulnerability in the component /admin/vca/bia/addacph.cgi. This vulnerability is exploitable via a crafted POST request.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2022-2423
The DW Promobar WordPress plugin up to and including 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in mult...
Designwall Dw Promobar
383
VMScore
CVE-2021-24805
The DW Question & Answer Pro WordPress plugin up to and including 1.3.4 does not properly check for CSRF in some of its functions, allowing malicious users to make logged in users perform unwanted actions, such as update a comment or a question status.
Designwall Dw Question \\& Answer
NA
CVE-2021-4408
The DW Question & Answer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.8. This is due to missing or incorrect nonce validation on the update_answer() function. This makes it possible for unauthenticated malicious users ...
Designwall Dw Question \\& Answer
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »