Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
julien ahrens vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-258102022
Transposh WordPress Translation versions 1.0.8.1 and below do not properly enforce authorization on functionalities available on the plugin's "Utilities" page leading to unauthorized access for all user roles, including "Subscriber".
NA
CVE-2022-258112
Transposh WordPress Translation versions 1.0.8.1 and below have a "tp_editor" page at "/wp-admin/admin.php?page=tp_editor" that is vulnerable to two authenticated, blind SQL injections when user-supplied input to the HTTP GET parameters "order" and &...
7.5
CVSSv3
CVE-2023-22620
An issue exists in SecurePoint UTM prior to 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the device's authentication and get access to the administrat...
Securepoint Unified Threat Management
1 Github repository
NA
CVE-2023-226202023
SecurePoint UTM versions 12.x suffers from a session identifier leak vulnerability via the spcgi.cgi endpoint.
NA
CVE-2013-5702
Multiple cross-site scripting (XSS) vulnerabilities in WebCenter in WatchGuard WSM and Fireware prior to 11.8 allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters.
Watchguard Fireware
Watchguard Fireware 11.6.1
Watchguard Fireware 11.7.2
Watchguard Fireware 11.7
Watchguard Fireware 11.6.6
Watchguard Fireware 11.6.5
Watchguard Fireware 11.7.3
Watchguard Fireware 11.6.3
Watchguard Fireware 11.6
Watchguard Watchguard System Manager -
8.8
CVSSv3
CVE-2018-7765
The vulnerability exists within processing of track_import_export.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the object_id input parameter.
Schneider-electric U.motion Builder
NA
CVE-2018-78412
Schneider Electric U.Motion Builder version 1.3.4 suffers from an unauthenticated command injection vulnerability in track_import_export.php.
NA
CVE-2016-44692
Apache Archiva version 1.3.9 suffers from a cross site request forgery vulnerability.
NA
CVE-2016-69132
AlienVault USM/OSSIM version 5.2 suffers from a cross site scripting vulnerability.
NA
CVE-2016-69132016
AlienVault USM/OSSIM version 5.2 suffers from a cross site scripting vulnerability.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »