Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

hyp3rlinx.altervista.org vulnerabilities and exploits

(subscribe to this query)
5.5
CVSSv3
CVE-2020-6857
CarbonFTP v1.4 uses insecure proprietary password encryption with a hard-coded weak encryption key. The key for local FTP server passwords is hard-coded in the binary.
Taskautomation Carbonftp 1.4
9.8
CVSSv3
CVE-2018-11741
NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=#####&GOTO(8) URIs.
Nec Univerge Sv9100 Webpro Firmware 6.00.00
8.8
CVSSv3
CVE-2018-18550
ServersCheck Monitoring Software prior to 14.3.4 allows SQL Injection by an authenticated user.
Serverscheck Serverscheck
6.1
CVSSv3
CVE-2018-18551
ServersCheck Monitoring Software up to and including 14.3.3 has Persistent and Reflected XSS via the sensors.html status parameter, sensors.html type parameter, sensors.html device parameter, report.html location parameter, group_delete.html group parameter, report_save.html quer...
Serverscheck Monitoring Software
6.5
CVSSv3
CVE-2018-18552
ServersCheck Monitoring Software up to and including 14.3.3 allows local users to cause a denial of service (menu functionality loss) by creating an LNK file that points to a second LNK file, if this second LNK file is associated with a Start menu. Ultimately, this behavior comes...
Serverscheck Monitoring Software
7.8
CVSSv3
CVE-2020-13866
WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse.
Qbik Wingate 9.4.1.5998
6.1
CVSSv3
CVE-2016-5715
Open redirect vulnerability in the Console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a // (slash slash) followed by a domain in the redirect parameter. NOTE: thi...
Puppet Puppet Enterprise
7.8
CVSSv3
CVE-2019-20357
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vul...
Trendmicro Antivirus \\+ Security 2019 15.0Trendmicro Antivirus \\+ Security 2020 16.0Trendmicro Internet Security 2019 15.0Trendmicro Internet Security 2020 16.0Trendmicro Maximum Security 2019 15.0Trendmicro Maximum Security 2020 16.0Trendmicro Premium Security 2019 15.0Trendmicro Premium Security 2020 16.0
9.8
CVSSv3
CVE-2019-13577
SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthenticated Remote Buffer Overflow via a long string to the CE Remote feature listening on Port 987.
Computerlab Maple Computer Wbt Snmp Administrator 2.0.195.15
6.1
CVSSv3
CVE-2018-6361
Easy Hosting Control Panel (EHCP) v0.37.12.b has XSS via the op parameter, as demonstrated by adding a backdoor FTP account.
Ehcp Easy Hosting Control Panel 0.37.12.b
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925CVE-2023-41826LFICVE-2022-22364CVE-2024-2887command injectionremote code executionCVE-2024-34446CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook