Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hyp3rlinx.altervista.org vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2018-6617
Easy Hosting Control Panel (EHCP) v0.37.12.b, when using a local MySQL server, allows malicious users to change passwords of arbitrary database users by leveraging failure to ask for the current password.
Ehcp Easy Hosting Control Panel 0.37.12.b
187
VMScore
CVE-2018-6618
Easy Hosting Control Panel (EHCP) v0.37.12.b allows malicious users to obtain sensitive information by leveraging cleartext password storage.
Ehcp Easy Hosting Control Panel 0.37.12.b
187
VMScore
CVE-2018-6619
Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for malicious users to crack database passwords by leveraging use of a weak hashing algorithm without a salt.
Ehcp Easy Hosting Control Panel 0.37.12.b
445
VMScore
CVE-2018-11741
NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=#####&GOTO(8) URIs.
Nec Univerge Sv9100 Webpro Firmware 6.00.00
445
VMScore
CVE-2018-11742
NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI.
Nec Univerge Sv9100 Webpro Firmware 6.00.00
641
VMScore
CVE-2020-13866
WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse.
Qbik Wingate 9.4.1.5998
641
VMScore
CVE-2018-15515
The CaptivelPortal service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices will load a Trojan horse "quserex.dll" from the CaptivelPortal.exe subdirectory under the D-Link directory, which allows unprivileged local users to gain SYSTEM privileges.
Dlink Central Wifimanager 1.03 R0098
445
VMScore
CVE-2018-15517
The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/...
Dlink Central Wifimanager 1.03
605
VMScore
CVE-2018-5221
Multiple buffer overflows in BarCodeWiz BarCode prior to 6.7 ActiveX control (BarcodeWiz.DLL) allow remote malicious users to execute arbitrary code via a long argument to the (1) BottomText or (2) TopText property.
Barcodewiz Barcode Activex Control
578
VMScore
CVE-2018-18550
ServersCheck Monitoring Software prior to 14.3.4 allows SQL Injection by an authenticated user.
Serverscheck Serverscheck
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »