Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
next vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-20017
A vulnerability, which was classified as critical, has been found in The Next Generation of Genealogy Sitebuilding up to 11.1.0. This issue affects some unknown processing of the file /timeline2.php. The manipulation of the argument primaryID leads to sql injection. The attack ma...
Tngsitebuilding The Next Generation Of Genealogy Sitebuilding
5.9
CVSSv3
CVE-2019-6147
Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Fo...
Forcepoint Next Generation Firewall Security Management Center
8.8
CVSSv3
CVE-2023-39420
The RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user to connect to customers with an "admin" account and a corresponding password computed daily by a routine inside the DLL file. Once reverse-engineered, this routine can help...
Resortdata Internet Reservation Module Next Generation 5.3.2.15
7.7
CVSSv3
CVE-2023-39421
The RDPWin.dll component as used in the IRM Next Generation booking engine includes a set of hardcoded API keys for third-party services such as Twilio and Vonage. These keys allow unrestricted interaction with these services.
Resortdata Internet Reservation Module Next Generation 5.4.1.23
9.1
CVSSv3
CVE-2023-39423
The RDPData.dll file exposes the /irmdata/api/common endpoint that handles session IDs, among other features. By using a UNION SQL operator, an attacker can leak the sessions table, obtain the currently valid sessions and impersonate a currently logged-in user.
Resortdata Internet Reservation Module Next Generation 5.3.2.15
8.8
CVSSv3
CVE-2023-39424
A vulnerability in RDPngFileUpload.dll, as used in the IRM Next Generation booking system, allows a remote malicious user to upload arbitrary content (such as a web shell component) to the SQL database and execute it with SYSTEM privileges. This vulnerability requires authenticat...
Resortdata Internet Reservation Module Next Generation 5.3.2.15
NA
CVE-2007-4735
Buffer overflow in Next Generation Software Virtual DJ (VDJ) 5.0 allows user-assisted remote malicious users to execute arbitrary code via a long file path in an m3u file.
Next Generation Software Virtual Dj \\(vdj\\) 5.0
1 EDB exploit
NA
CVE-2002-2038
Next Generation POSIX Threading (NGPT) 1.9.0 uses a filesystem-based shared memory entry, which allows local users to cause a denial of service or in threaded processes or spoof files via unknown methods.
Bill Abt Next Generation Posix Threading 1.9.0
5.4
CVSSv3
CVE-2020-4542
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessio...
Ibm Engineering Requirements Management Doors Next 7.0
1 Github repository
NA
CVE-2009-4320
Cross-site scripting (XSS) vulnerability in searchform.php in The Next Generation of Genealogy Sitebuilding (TNG) 7.1.2 allows remote malicious users to inject arbitrary web script or HTML via the msg parameter.
Lythgoes The Next Generation Of Genealogy Sitebuilding 7.1.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »