Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hyp3rlinx vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2017-5473
Cross-site request forgery (CSRF) vulnerability in ntopng up to and including 2.4 allows remote malicious users to hijack the authentication of arbitrary users, as demonstrated by admin/add_user.lua, admin/change_user_prefs.lua, admin/delete_user.lua, and admin/password_reset.lua...
Ntop Ntopng
1 EDB exploit
215
VMScore
CVE-2018-16252
FsPro Labs Event Log Explorer 4.6.1.2115 has ".elx" FileType XML External Entity Injection.
Fspro Event Log Explorer 4.6.1.2115
1 EDB exploit
725
VMScore
CVE-2017-3141
The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2->9.2.9, 9.3.2-P1->9.3.6, 9.4.0->9.8.8, 9.9.0->9.9.10, 9.10.0->9.10.5, 9.1...
Isc Bind
Isc Bind 9.3.2
Isc Bind 9.2.6
1 EDB exploit
1 Github repository
685
VMScore
CVE-2017-11567
Cross-site request forgery (CSRF) vulnerability in Mongoose Web Server prior to 6.9 allows remote malicious users to hijack the authentication of users for requests that modify Mongoose.conf via a request to __mg_admin?save. NOTE: this issue can be leveraged to execute arbitrary ...
Cesanta Mongoose Embedded Web Server Library
1 EDB exploit
505
VMScore
CVE-2017-7456
Moxa MXView 2.8 allows remote malicious users to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials.
Moxa Mxview 2.8
1 EDB exploit
685
VMScore
CVE-2018-12589
Polaris Office 2017 8.1 allows malicious users to execute arbitrary code via a Trojan horse puiframeworkproresenu.dll file in the current working directory.
Polarisoffice Polaris Office 2017 8.1
1 EDB exploit
1 Github repository
605
VMScore
CVE-2016-4312
XML external entity (XXE) vulnerability in the XACML flow feature in WSO2 Identity Server 5.1.0 before WSO2-CARBON-PATCH-4.4.0-0231 allows remote authenticated users with access to XACML features to read arbitrary files, cause a denial of service, conduct server-side request forg...
Wso2 Identity Server 5.1.0
1 EDB exploit
355
VMScore
CVE-2016-4315
Cross-site request forgery (CSRF) vulnerability in WSO2 Carbon 4.4.5 allows remote malicious users to hijack the authentication of privileged users for requests that shutdown a server via a shutdown action to server-admin/proxy_ajaxprocessor.jsp.
Wso2 Carbon 4.4.5
1 EDB exploit
905
VMScore
CVE-2017-3006
Adobe Thor versions 3.9.5.353 and previous versions have a vulnerability related to the use of improper resource permissions during the installation of Creative Cloud desktop applications.
Adobe Creative Cloud
1 EDB exploit
685
VMScore
CVE-2017-9413
Multiple cross-site request forgery (CSRF) vulnerabilities in the Podcast feature in Subsonic 6.1.1 allow remote malicious users to hijack the authentication of users for requests that (1) subscribe to a podcast via the add parameter to podcastReceiverAdmin.view or (2) update Int...
Subsonic Subsonic 6.1.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »