Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
trustwave.com vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2010-4232
The web-based administration interface on the Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200 Megapixel IP Camera with firmware 1.102A-008 allows remote malicious users to bypass authentication via a // (slash slash) at the beginning of a URI, as demonstrated by the //syst...
Camtron Cmnc-200 Firmware 1.102a-008
Camtron Cmnc-200
Tecvoz Cmnc-200 Firmware 1.102a-008
Tecvoz Cmnc-200
1 EDB exploit
1000
VMScore
CVE-2010-4233
The Linux installation on the Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200 Megapixel IP Camera with firmware 1.102A-008 has a default password of m for the root account, and a default password of merlin for the mg3500 account, which makes it easier for remote malicious ...
Camtron Cmnc-200 Firmware 1.102a-008
Camtron Cmnc-200
Tecvoz Cmnc-200 Firmware 1.102a-008
Tecvoz Cmnc-200
1 EDB exploit
935
VMScore
CVE-2013-7246
Buffer overflow in the IconCreate method in an ActiveX control in the DaumGame ActiveX plugin 1.1.0.4 and 1.1.0.5 allows remote malicious users to execute arbitrary code via a long string, as exploited in the wild in January 2014.
Daum Communications Daumgame Activex Control 1.1.0.5
Daum Communications Daumgame Activex Control 1.1.0.4
1 EDB exploit
435
VMScore
CVE-2011-5019
Cross-site scripting (XSS) vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote malicious users to inject arbitrary web script or HTML via the ddb parameter.
Textpattern Textpattern 4.4.1
1 EDB exploit
785
VMScore
CVE-2015-1503
Multiple directory traversal vulnerabilities in IceWarp Mail Server prior to 11.2 allow remote malicious users to read arbitrary files via a (1) .. (dot dot) in the file parameter to a webmail/client/skins/default/css/css.php page or .../. (dot dot dot slash dot) in the (2) scrip...
Icewarp Mail Server
1 EDB exploit
435
VMScore
CVE-2012-1260
Cross-site scripting (XSS) vulnerability in cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions prior to 9.0.1.19899, allows remote malicious users to inject arbitrary web script or HTML via the newUser p...
Plixer Scrutinizer Netflow \\& Sflow Analyzer
1 EDB exploit
435
VMScore
CVE-2012-1261
Cross-site scripting (XSS) vulnerability in cgi-bin/scrut_fa_exclusions.cgi in Plixer International Scrutinizer NetFlow and sFlow Analyzer 8.6.2.16204 and other versions prior to 9.0.1.19899 allows remote malicious users to inject arbitrary web script or HTML via the standalone p...
Plixer Scrutinizer Netflow \\& Sflow Analyzer
1 EDB exploit
505
VMScore
CVE-2011-4898
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote malicious users to co...
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.0.4
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 0.711
Wordpress Wordpress 3.1.4
Wordpress Wordpress 2.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 2.1.3
Wordpress Wordpress 3.0
Wordpress Wordpress 2.8
1 EDB exploit
755
VMScore
CVE-2014-1204
SQL injection vulnerability in Tableau Server 8.0.x prior to 8.0.7 and 8.1.x prior to 8.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be exploited by unauthenticated remote attackers if the guest user is enabled.
Tableausoftware Tableau Server 8.0.2
Tableausoftware Tableau Server 8.0.3
Tableausoftware Tableau Server 8.0.6
Tableausoftware Tableau Server 8.1
Tableausoftware Tableau Server 8.0.4
Tableausoftware Tableau Server 8.0.5
Tableausoftware Tableau Server 8.0
Tableausoftware Tableau Server 8.0.1
Tableausoftware Tableau Server 8.1.1
1 EDB exploit
555
VMScore
CVE-2013-5688
Multiple directory traversal vulnerabilities in index.php in AjaXplorer 5.0.2 and previous versions allow remote authenticated users to read arbitrary files via a ../%00 (dot dot backslash encoded null byte) in the file parameter in a (1) download or (2) get_content action, or (3...
Ajaxplorer Ajaxplorer 4.0.4
Ajaxplorer Ajaxplorer 3.2
Ajaxplorer Ajaxplorer 3.1.1
Ajaxplorer Ajaxplorer 3.1
Ajaxplorer Ajaxplorer 3.0.3
Ajaxplorer Ajaxplorer 5.0.1
Ajaxplorer Ajaxplorer 5.0.0
Ajaxplorer Ajaxplorer 4.2.3
Ajaxplorer Ajaxplorer 4.2.2
Ajaxplorer Ajaxplorer 3.3.4
Ajaxplorer Ajaxplorer 3.3.3
Ajaxplorer Ajaxplorer 3.3.2
Ajaxplorer Ajaxplorer 3.2.5
Ajaxplorer Ajaxplorer 2.7.2
Ajaxplorer Ajaxplorer 2.7.1
Ajaxplorer Ajaxplorer 2.6.0
Ajaxplorer Ajaxplorer 2.5.5
Ajaxplorer Ajaxplorer 4.0.3
Ajaxplorer Ajaxplorer 4.0.1
Ajaxplorer Ajaxplorer 3.3.5
Ajaxplorer Ajaxplorer 3.2.4
Ajaxplorer Ajaxplorer 3.2.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »