Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
portal vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-43936
The software allows the malicious user to upload or transfer files of dangerous types to the WebHMI portal, that may be automatically processed within the product's environment or lead to arbitrary code execution.
Webhmi Webhmi Firmware
1 Github repository
10
CVSSv2
CVE-2021-3064
A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based malicious user to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have ...
Paloaltonetworks Pan-os
1 Github repository
1 Article
10
CVSSv2
CVE-2021-42669
A file upload vulnerability exists in Sourcecodester Engineers Online Portal in PHP via dashboard_teacher.php, which allows changing the avatar through teacher_avatar.php. Once an avatar gets uploaded it is getting uploaded to the /admin/uploads/ directory, and is accessible by a...
Engineers Online Portal Project Engineers Online Portal -
2 Github repositories
10
CVSSv2
CVE-2021-37912
The HGiga OAKlouds mobile portal does not filter special characters of the Ethernet number parameter of the network interface card setting page. Remote attackers can use this vulnerability to perform command injection and execute arbitrary commands in the system without logging i...
Hgiga Oaklouds Portal
10
CVSSv2
CVE-2021-37913
The HGiga OAKlouds mobile portal does not filter special characters of the IPv6 Gateway parameter of the network interface card setting page. Remote attackers can use this vulnerability to perform command injection and execute arbitrary commands in the system without logging in.
Hgiga Oaklouds Portal
10
CVSSv2
CVE-2021-31324
The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection vulnerability leading to root Remote Code Execution.
Control-webpanel Webpanel -
10
CVSSv2
CVE-2021-31316
The unprivileged user portal part of CentOS Web Panel is affected by a SQL Injection via the 'idsession' HTTP POST parameter.
Control-webpanel Webpanel -
10
CVSSv2
CVE-2020-29127
An issue exists on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user (using any web browser), the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid={XXXXXXXXXX}&csppage=cgi_PgOverview&csplang...
Fujitsu Eternus Storage Dx200 S4 Firmware
2 Github repositories
10
CVSSv2
CVE-2020-2040
A buffer overflow vulnerability in PAN-OS allows an unauthenticated malicious user to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue imp...
Paloaltonetworks Pan-os
1 Article
10
CVSSv2
CVE-2019-9531
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows unauthenticated access to port 5454. This could allow an unauthenticated, remote malicious user to connect to this port via Telnet and execute 86 Attention (AT) commands, including some that prov...
Cobham Explorer 710 Firmware 1.07
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »