Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pedro ribeiro vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-7868
Multiple SQL injection vulnerabilities in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the (1) OPM_BVNAME parameter in a Delete operation to the A...
Zohocorp Manageengine Social It Plus 11.0
Zohocorp Manageengine Opmanager 11.3
Zohocorp Manageengine Opmanager 11.4
Zohocorp Manageengine It360 10.4
Zohocorp Manageengine It360 10.3.0
2 EDB exploits
NA
CVE-2013-6040
Multiple unspecified vulnerabilities in the MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls allow remote malicious users to execute arbitrary code via a crafted HTML document.
Mw6tech Aztec Activex Control -
Mw6tech Maxicode Activex Control -
Mw6tech Datamatrix Activex Control -
3 EDB exploits
1 Article
NA
CVE-2014-6035
Directory traversal vulnerability in the FileCollector servlet in ZOHO ManageEngine OpManager 11.4, 11.3, and previous versions allows remote malicious users to write and execute arbitrary files via a .. (dot dot) in the FILENAME parameter.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 11.4
1 EDB exploit
NA
CVE-2014-6036
Directory traversal vulnerability in the multipartRequest servlet in ZOHO ManageEngine OpManager 11.3 and previous versions, Social IT Plus 11.0, and IT360 10.3, 10.4, and previous versions allows remote attackers or remote authenticated users to delete arbitrary files via a .. (...
Zohocorp Manageengine Opmanager
Zohocorp Manageengine It360
Zohocorp Manageengine It360 10.3.0
Zohocorp Manageengine Social It Plus 11.0
1 EDB exploit
9.8
CVSSv3
CVE-2016-6598
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service (FileStorageService) on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. This can be used to uploa...
Bmc Track-it!
Bmc Track-it! 11.4
1 EDB exploit
9.8
CVSSv3
CVE-2016-6600
Directory traversal vulnerability in the file upload functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote malicious users to upload and execute arbitrary JSP files via a .. (dot dot) in the fileName parameter to servlets/FileUploadServlet.
Zohocorp Webnms Framework 5.2
1 EDB exploit
7.5
CVSSv3
CVE-2016-6601
Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote malicious users to read arbitrary files via a .. (dot dot) in the fileName parameter to servlets/FetchFile.
Zohocorp Webnms Framework 5.2
1 EDB exploit
9.8
CVSSv3
CVE-2016-6602
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent malicious users to obtain cleartext passwords by leveraging access to WEB-INF/conf/securitydbData.xml. NOTE: this issue can be combined with CVE-2016-6601 for...
Zohocorp Webnms Framework 5.2
1 EDB exploit
9.8
CVSSv3
CVE-2016-6603
ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote malicious users to bypass authentication and impersonate arbitrary users via the UserName HTTP header.
Zohocorp Webnms Framework 5.2
1 EDB exploit
NA
CVE-2015-3001
SysAid Help Desk prior to 15.2 uses a hardcoded password of Password1 for the sa SQL Server Express user account, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password.
Sysaid Sysaid
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »