Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bypass vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0459
Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Password Protect: Enhanced 1.x allow remote malicious users to execute arbitrary SQL commands via (1) the uid parameter (aka Username field) or (2) the pwd parameter (aka Password field). NOTE: some of ...
Wholehogsoftware Password Protect 1.0
2 EDB exploits
8.8
CVSSv3
CVE-2019-15813
Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell.
Sentrifugo Sentrifugo 3.2
1 EDB exploit
2 Github repositories
9.8
CVSSv3
CVE-2019-17240
bl-kernel/security.class.php in Bludit 3.9.2 allows malicious users to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers.
Bludit Bludit 3.9.2
20 Github repositories
NA
CVE-2014-5246
The Shenzhen Tenda Technology Tenda A5s router with firmware 3.02.05_CN allows remote malicious users to bypass authentication and gain administrator access by setting the admin:language cookie to zh-cn.
Tenda A5s Firmware 3.02.05 Cn
Tenda A5s -
1 EDB exploit
9.8
CVSSv3
CVE-2014-7279
The Konke Smart Plug K does not require authentication for TELNET sessions, which allows remote malicious users to obtain "equipment management authority" via TCP traffic to port 23.
Kankunit Konke Smart Plug Firmware K
1 EDB exploit
9.8
CVSSv3
CVE-2020-11532
Zoho ManageEngine DataSecurity Plus before 6.0.1 uses default admin credentials to communicate with a DataEngine Xnode server. This allows an malicious user to bypass authentication for this server and execute all operations in the context of admin user.
Zohocorp Manageengine Adaudit Plus
Zohocorp Manageengine Datasecurity Plus
NA
CVE-2013-1727
Mozilla Firefox prior to 24.0 on Android allows malicious users to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file.
Mozilla Firefox 19.0
Mozilla Firefox 22.0
Mozilla Firefox 20.0
Mozilla Firefox
Mozilla Firefox 19.0.2
Mozilla Firefox 19.0.1
Mozilla Firefox 23.0
Mozilla Firefox 21.0
Mozilla Firefox 20.0.1
1 EDB exploit
NA
CVE-2005-1787
setup.php in phpStat 1.5 allows remote malicious users to bypass authentication and gain administrator privileges by setting the $check variable.
Phpstat Phpstat -
3 EDB exploits
NA
CVE-2010-2842
Cisco Wireless LAN Controller (WLC) software, possibly 4.2 up to and including 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerabi...
Cisco Wireless Lan Controller Software 4.2.61.0
Cisco Wireless Lan Controller Software 4.2
Cisco Wireless Lan Controller Software 4.2.182.0
Cisco Wireless Lan Controller Software 5.0.148.0
Cisco Wireless Lan Controller Software 4.2.173.0
Cisco Wireless Lan Controller Software 4.2.99.0
Cisco Wireless Lan Controller Software 5.2.169.0
Cisco Wireless Lan Controller Software 5.1
Cisco Wireless Lan Controller Software 6.0
Cisco Wireless Lan Controller Software 4.2.117.0
Cisco Wireless Lan Controller Software 4.2.112.0
Cisco Wireless Lan Controller Software 4.2.176.0
Cisco Wireless Lan Controller Software 5.1.152.0
Cisco Wireless Lan Controller Software 5.2
Cisco Wireless Lan Controller Software 5.1.151.0
Cisco Wireless Lan Controller Software 5.0.148.2
Cisco Wireless Lan Controller Software 6.0.182.0
Cisco Wireless Lan Controller Software 4.2.174.0
Cisco Wireless Lan Controller Software 4.2.130.0
Cisco Wireless Lan Controller Software 5.1.160.0
Cisco Wireless Lan Controller Software 5.2.157.0
NA
CVE-2010-2843
Cisco Wireless LAN Controller (WLC) software, possibly 4.2 up to and including 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerabi...
Cisco Wireless Lan Controller Software 4.2.117.0
Cisco Wireless Lan Controller Software 4.2.61.0
Cisco Wireless Lan Controller Software 4.2.182.0
Cisco Wireless Lan Controller Software 5.0.148.0
Cisco Wireless Lan Controller Software 5.2.169.0
Cisco Wireless Lan Controller Software 5.1.160.0
Cisco Wireless Lan Controller Software 5.1
Cisco Wireless Lan Controller Software 4.2.112.0
Cisco Wireless Lan Controller Software 4.2.99.0
Cisco Wireless Lan Controller Software 4.2
Cisco Wireless Lan Controller Software 5.1.152.0
Cisco Wireless Lan Controller Software 5.1.151.0
Cisco Wireless Lan Controller Software 4.2.176.0
Cisco Wireless Lan Controller Software 4.2.174.0
Cisco Wireless Lan Controller Software 4.2.173.0
Cisco Wireless Lan Controller Software 4.2.130.0
Cisco Wireless Lan Controller Software 5.0.148.2
Cisco Wireless Lan Controller Software 6.0.182.0
Cisco Wireless Lan Controller Software 6.0
Cisco Wireless Lan Controller Software 5.2.157.0
Cisco Wireless Lan Controller Software 5.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »