Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
karn ganeshen vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2015-8283
Directory traversal vulnerability in configure_manage.php in SeaWell Networks Spectrum SDC 02.05.00.
Seawell Networks Spectrum Sdc 02.05.00
1 EDB exploit
8.8
CVSSv3
CVE-2015-8284
SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions.
Seawell Networks Spectrum Sdc 02.05.00
1 EDB exploit
7.5
CVSSv3
CVE-2015-7248
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote malicious users to discover usernames and password hashes by reading the cgi-bin/webproc HTML source code, a different vulnerability than CVE-2015-8703.
Zte Zxhn H108n R1a Firmware
1 EDB exploit
4.9
CVSSv3
CVE-2015-7249
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote authenticated users to bypass intended access restrictions via a modified request, as demonstrated by leveraging the support account to change a password via a cgi-bin/webproc accountpsd action.
Zte Zxhn H108n R1a Firmware
1 EDB exploit
7.5
CVSSv3
CVE-2015-7250
Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote malicious users to read arbitrary files via a full pathname in the getpage parameter.
Zte Zxhn H108n R1a Firmware
1 EDB exploit
9.8
CVSSv3
CVE-2015-7251
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE have a hardcoded password of root for the root account, which allows remote malicious users to obtain administrative access via a TELNET session.
Zte Zxhn H108n R1a Firmware
1 EDB exploit
6.1
CVSSv3
CVE-2015-7252
Cross-site scripting (XSS) vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote malicious users to inject arbitrary web script or HTML via the errorpage parameter.
Zte Zxhn H108n R1a Firmware
1 EDB exploit
7.5
CVSSv3
CVE-2015-7245
Directory traversal vulnerability in D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 allows remote malicious users to read sensitive information via a .. (dot dot) in the errorpage parameter.
D-link Dvg-n5402sp Firmware W1000cn-00
D-link Dvg-n5402sp Firmware W1000cn-03
D-link Dvg-n5402sp Firmware W2000en-00
1 EDB exploit
9.4
CVSSv3
CVE-2016-2296
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "post-admin" login pages, which allows remote malicious users to obtain sensitive information or modify data via unspecified vectors.
Meteocontrol Web\\'log Pro Unlimited -
Meteocontrol Web\\'log Pro -
Meteocontrol Web\\'log Light -
Meteocontrol Web\\'log Basic 100 -
1 EDB exploit
7.2
CVSSv3
CVE-2016-2278
Schneider Electric Struxureware Building Operations Automation Server AS 1.7 and previous versions and AS-P 1.7 and previous versions allows remote authenticated administrators to execute arbitrary OS commands by defeating an msh (aka Minimal Shell) protection mechanism.
Schneider-electric Struxureware Building Operations Automation Server As Firmware
Schneider-electric Struxureware Building Operations Automation Server As-p Firmware 1.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »