Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mr_me vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-14075
This vulnerability allows local malicious users to escalate privileges on Jungo WinDriver 12.4.0 and previous versions. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists w...
Jungo Windriver
1 EDB exploit
8.1
CVSSv3
CVE-2018-15576
An issue exists in EasyLogin Pro up to and including 1.3.0. Encryptor.php contains an unserialize call that can be exploited for remote code execution in the decrypt function, if the attacker knows the key.
Hazzardweb Easylogin Pro
1 EDB exploit
7.8
CVSSv3
CVE-2017-14153
This vulnerability allows local malicious users to escalate privileges on Jungo WinDriver 12.4.0 and previous versions. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists w...
Jungo Windriver
1 EDB exploit
1 Github repository
7.8
CVSSv3
CVE-2017-14344
This vulnerability allows local malicious users to escalate privileges on Jungo WinDriver 12.4.0 and previous versions. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists w...
Jungo Windriver
1 EDB exploit
NA
CVE-2011-1055
SQL injection vulnerability in api/ice_media.cfc in Lingxia I.C.E CMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the session.user_id parameter to media.cfm.
Lingxia273 Lingxia I.c.e Cms 1.0
1 EDB exploit
8.8
CVSSv3
CVE-2016-2539
Cross-site request forgery (CSRF) vulnerability in install_modules.php in ATutor prior to 2.2.2 allows remote malicious users to hijack the authentication of users for requests that upload arbitrary files and execute arbitrary PHP code via vectors involving a crafted zip file.
Atutor Atutor
1 EDB exploit
NA
CVE-2010-0496
FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for iPod touch, allows remote malicious users to cause a denial of service (daemon crash) via a HEAD request for the / URI.
Freebit Serversman 3.1.5
1 EDB exploit
NA
CVE-2010-4910
SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote malicious users to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action.
Coldgen Coldcalendar 2.06
1 EDB exploit
NA
CVE-2010-4913
Cross-site scripting (XSS) vulnerability in the search feature in ColdGen ColdUserGroup 1.06 allows remote malicious users to inject arbitrary web script or HTML via the Keywords parameter. NOTE: some of these details are obtained from third party information.
Coldgen Coldusergroup 1.06
1 EDB exploit
NA
CVE-2010-4915
SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 allows remote malicious users to execute arbitrary SQL commands via the BookmarkID parameter in an EditBookmark action.
Coldgen Coldbookmarks 1.22
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »