Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
securiteam vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-15647
On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value.
Fiberhome Routerfiberhome Firmware
1 EDB exploit
7.3
CVSSv3
CVE-2017-11657
Dashlane might allow local users to gain privileges by placing a Trojan horse WINHTTP.dll in the %APPDATA%\Dashlane directory.
Dashlane Dashlane -
1 EDB exploit
9.8
CVSSv3
CVE-2017-5815
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
Hp Intelligent Management Center 7.3
Hp Intelligent Management Center
1 EDB exploit
6.5
CVSSv3
CVE-2017-10803
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, insecure handling of anonymization data in the Database Anonymization module allows remote authenticated privileged users to execute arbitrary Python code, because unpickle is used.
Odoo Odoo 10.0
Odoo Odoo 9.0
Odoo Odoo 8.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-11502
Technicolor DPC3928AD DOCSIS devices allow remote malicious users to read arbitrary files via a request starting with "GET /../" on TCP port 4321.
Cisco Dpc3928ad Docsis Wireless Router Firmware -
1 EDB exploit
8.8
CVSSv3
CVE-2017-15578
In PHPSUGAR PHP Melody prior to 2.7.3, SQL Injection exists via the image parameter to admin/edit_category.php.
Phpsugar Php Melody
1 EDB exploit
9.8
CVSSv3
CVE-2017-16935
Ametys prior to 4.0.3 requires authentication only for URIs containing a /cms/ substring, which allows remote malicious users to bypass intended access restrictions via a direct request to /plugins/core-ui/servercomm/messages.xml, as demonstrated by changing the admin password by...
Ametys Ametys
1 EDB exploit
9.8
CVSSv3
CVE-2017-17672
In vBulletin up to and including 5.3.x, there is an unauthenticated deserialization vulnerability that leads to arbitrary file deletion and, under certain circumstances, code execution, because of unsafe usage of PHP's unserialize() in vB_Library_Template's cacheTemplat...
Vbulletin Vbulletin
Vbulletin Vbulletin 5.0.0
1 EDB exploit
7.5
CVSSv3
CVE-2017-13068
QNAP has already patched this vulnerability. This security concern allows a remote malicious user to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack.
Qnap Qts Helpdesk
1 EDB exploit
9.8
CVSSv3
CVE-2017-17761
An issue exists on Ichano AtHome IP Camera devices. The device runs the "noodles" binary - a service on port 1300 that allows a remote (LAN) unauthenticated user to run arbitrary commands. This binary requires the "system" XML element for specifying the comman...
Ichano Athome Ip Camera Firmware -
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »