Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authentication bypass vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-3667
SQL injection vulnerability in admin/index.php in AdsDX 3.05 allows remote malicious users to execute arbitrary SQL commands via the Username.
Adsdx Adsdx 3.05
1 EDB exploit
7.5
CVSSv2
CVE-2010-0698
SQL injection vulnerability in backoffice/login.asp in Dynamicsoft WSC CMS 2.2 allows remote malicious users to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information.
Dynamicsoft Wsc Cms 2.2
1 EDB exploit
7.5
CVSSv2
CVE-2012-6626
SQL injection vulnerability in verify-user.php in b2ePMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the username field.
Brian Cabunac Browser To Email Phone Message System 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-0462
Multiple SQL injection vulnerabilities in customer_login_check.asp in ClickTech ClickCart 6.0 allow remote malicious users to execute arbitrary SQL commands via (1) the txtEmail parameter (aka E-MAIL field) or (2) the txtPassword parameter (aka password field) to customer_login.a...
Clicktech Clickcart 6.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-0707
SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote malicious users to execute arbitrary SQL commands via the loginemail parameter (aka login field). NOTE: some of these details are obtained from third party information.
Powerscripts Powerclan 1.14a
1 EDB exploit
6.8
CVSSv2
CVE-2009-2883
SQL injection vulnerability in admin/login.php in SaphpLesson 4.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the cp_username parameter, related to an error in the CleanVar function in includes/functions.php.
Arabless Saphplesson 4.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-7041
AJ Classifieds allows remote malicious users to bypass authentication and gain administrator privileges via a direct request to admin/home.php.
Ajsquare Aj Classifieds -
1 EDB exploit
7.5
CVSSv2
CVE-2005-1149
SQL injection vulnerability in admin/login.asp in aspclick.it ACNews 1.0 allows remote malicious users to execute arbitrary SQL commands via the (1) username or (2) password parameters.
1 EDB exploit
7.5
CVSSv2
CVE-2008-7077
Multiple SQL injection vulnerabilities in SailPlanner 0.3a allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password fields.
Relative Sailplanner 0.3a
1 EDB exploit
7.8
CVSSv2
CVE-2014-8424
ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote malicious users to bypass authentication.
Arris Vap2500 Firmware
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »