Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
simon . vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-12928
A hard-coded password of tecn0visi0n for the dlxuser account in TecnoVISION DLX Spot Player4 (all known versions) allows remote malicious users to log in via SSH and escalate privileges to root access with the same credentials.
Tecnovision Dlx Spot Player4 -
1 Github repository
NA
CVE-2013-2750
Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107 prior to 1.0.3 allows remote malicious users to inject arbitrary web script or HTML via the query string.
E107 E107 0.7.17
E107 E107 0.7.18
E107 E107 0.7.19
E107 E107 0.7.2
E107 E107
E107 E107 0.7.1
E107 E107 0.7.10
E107 E107 0.7.11
E107 E107 0.7.12
E107 E107 0.7.3
E107 E107 0.7.4
E107 E107 0.7.5
E107 E107 0.7.6
E107 E107 0.7.0
E107 E107 0.7.13
E107 E107 0.7.15
E107 E107 0.7.21
E107 E107 0.7.24
E107 E107 0.7.8
E107 E107 1.0.1
E107 E107 0.7.14
E107 E107 0.7.16
1 EDB exploit
NA
CVE-2012-1556
Cross-site scripting (XSS) vulnerability in Synology Photo Station 5 for DiskStation Manager (DSM) 3.2-1955 allows remote malicious users to inject arbitrary web script or HTML via the name parameter to photo/photo_one.php.
Synology Diskstation Manager 3.2-1955
Synology Synology Photo Station 5
1 EDB exploit
7.5
CVSSv3
CVE-2019-0752
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0739, CVE-2019-0753, CVE-2019-0862.
Microsoft Internet Explorer 11
Microsoft Internet Explorer 10
1 EDB exploit
1 Github repository
1 Article
7.5
CVSSv3
CVE-2018-15535
/filemanager/ajax_calls.php in tecrail Responsive FileManager prior to 9.13.4 uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize get_file sequences such as ".." that can resolve to a location tha...
Tecrail Responsive Filemanager
1 EDB exploit
5.5
CVSSv3
CVE-2018-15536
/filemanager/ajax_calls.php in tecrail Responsive FileManager prior to 9.13.4 does not properly validate file paths in archives, allowing for the extraction of crafted archives to overwrite arbitrary files via an extract action, aka Directory Traversal.
Tecrail Responsive Filemanager
1 EDB exploit
NA
CVE-2002-0554
webdriver in IBM Informix Web DataBlade 4.12 allows remote malicious users to bypass user access levels or read arbitrary files via a SQL injection attack in an HTTP request.
Ibm Informix Web Datablade 4.12
Ibm Informix Web Datablade 4.10
Ibm Informix Web Datablade 4.11
1 EDB exploit
NA
CVE-2008-1885
Directory traversal vulnerability in the NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) in CDNetworks Nefficient Download allows remote malicious users to download arbitrary code onto a client system via a .. (dot dot) in the SkinPath parameter and a .zip URL in the Http...
Cdnetworks Download Client
1 EDB exploit
NA
CVE-2008-1886
The NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) in CDNetworks Nefficient Download uses weak cryptography for a KeyCode that blocks unauthorized use of the control, which allows remote malicious users to bypass this protection mechanism by calculating the required KeyC...
Cdnetworks Download Client
1 EDB exploit
6.1
CVSSv3
CVE-2018-15538
Agentejo Cockpit has multiple Cross-Site Scripting vulnerabilities.
Agentejo Cockpit -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »