Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dino dino vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-18861
Buffer overflow in PCMan FTP Server 2.0.7 allows for remote code execution via the APPE command.
Pcman Ftp Server Project Pcman Ftp Server 2.0.7
4.3
CVSSv2
CVE-2018-18437
In AXIOS ITALIA Axioscloud Sissiweb Registro Elettronico 1.7.0, secret/relogoff.aspx has XSS via the Error_Desc parameter.
Axiositalia Registro Elettronico 1.7.0
1 EDB exploit
7.5
CVSSv2
CVE-2018-17428
An issue exists in OPAC EasyWeb Five 5.7. There is SQL injection via the w2001/index.php?scelta=campi biblio parameter.
Nexusfi Opac Easyweb Five 5.7
1 EDB exploit
4.3
CVSSv2
CVE-2017-8865
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 do not provide sufficient protections against capture-replay attacks, allowing an attacker on the network to replay VoIP traffic between a Dino device and remote server to any other Dino device.
Cognitoys Stemosaur Firmware
4.3
CVSSv2
CVE-2017-8866
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 share a fixed small pool of hardcoded keys, allowing a remote malicious user to use a different Dino device to decrypt VoIP traffic between a child's Dino and remote server.
Cognitoys Stemosaur Firmware
4.3
CVSSv2
CVE-2017-8867
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 use AES-128 with ECB mode to encrypt voice traffic between the device and remote server, allowing a malicious user to map encrypted traffic to a particular AES key index and gaining further access to...
Cognitoys Stemosaur Firmware
4.3
CVSSv2
CVE-2016-3411
Cross-site scripting (XSS) vulnerability in Zimbra Collaboration prior to 8.7.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka bug 103609.
Synacor Zimbra Collaboration Suite
1 EDB exploit
5.4
CVSSv2
CVE-2014-7633
The Dino Zoo (aka com.tappocket.dinozoostar) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Tappocket Dino Zoo 1.5
5.4
CVSSv2
CVE-2014-6997
The Dino Village (aka com.tappocket.dinovillage) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Itiw-webdev Dino Village 1.6
6.8
CVSSv2
CVE-2008-4075
Directory traversal vulnerability in index.php in D-iscussion Board 3.01 allows remote malicious users to read arbitrary files via a .. (dot dot) in the topic parameter.
Dino D-iscussion Board 3.01
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »