Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unauthorized vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0995
login.php for PHPAuction allows remote malicious users to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table.
Gianluca Baldo Phpauction 1.2
Gianluca Baldo Phpauction 1.3
Gianluca Baldo Phpauction 2.0
Gianluca Baldo Phpauction 2.1
1 EDB exploit
5.3
CVSSv3
CVE-2017-6624
A vulnerability in Cisco IOS 15.5(3)M Software for Cisco CallManager Express (CME) could allow an unauthenticated, remote malicious user to make unauthorized phone calls. The vulnerability is due to a configuration restriction in the toll-fraud protections component of the affect...
Cisco Ios 15.5\\(3\\)m
9.8
CVSSv3
CVE-2017-18001
Trustwave Secure Web Gateway (SWG) up to and including 11.8.0.27 allows remote malicious users to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI.
Trustwave Secure Web Gateway
1 EDB exploit
9.8
CVSSv3
CVE-2019-15260
A vulnerability in Cisco Aironet Access Points (APs) Software could allow an unauthenticated, remote malicious user to gain unauthorized access to a targeted device with elevated privileges. The vulnerability is due to insufficient access control for certain URLs on an affected d...
Cisco Aironet 1540 Firmware
Cisco Aironet 1560 Firmware
Cisco Aironet 1800 Firmware
Cisco Aironet 2800 Firmware
Cisco Aironet 3800 Firmware
Cisco Aironet 4800 Firmware
NA
CVE-2002-2169
Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote malicious users to conduct unauthorized activities, such as adding buddies and groups to a user's buddy list, via a URL with a META HTTP-EQUIV="refresh" t...
Aol Instant Messenger 4.7
Aol Instant Messenger 4.5
Aol Instant Messenger 4.7.2480
1 EDB exploit
NA
CVE-2003-0162
Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote malicious users to reset passwords of other users and gain privileges by modifying hidden form fields in the HTML page.
Ecartis Ecartis 1.0.0 Snapshot 2002-10-13
NA
CVE-2007-1156
JBrowser allows remote malicious users to bypass authentication and access certain administrative capabilities via a direct request for _admin/.
Man Machine Systems Jbrowser
1 EDB exploit
NA
CVE-2003-1358
rs.F300 for HP-UX 10.0 up to and including 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.
Hp Hp-ux 10.16
Hp Hp-ux 10.20
Hp Hp-ux 11.04
Hp Hp-ux 11.11
Hp Hp-ux 10.09
Hp Hp-ux 10.10
Hp Hp-ux 11.0.4
Hp Hp-ux 11.00
Hp Hp-ux 10.00
Hp Hp-ux 10.24
Hp Hp-ux 10.26
Hp Hp-ux 11.20
Hp Hp-ux 11.22
Hp Hp-ux 10.01
Hp Hp-ux 10.08
Hp Hp-ux 10.30
Hp Hp-ux 10.34
1 EDB exploit
NA
CVE-2006-1213
JiRo's Banner System Experience and Professional 1.0 and previous versions allows remote malicious users to bypass access restrictions and gain privileges via a direct request to certain scripts in the files directory, as demonstrated by using addadmin.asp to create a new ad...
Jiro Banner System 1.0 Experience
Jiro Banner System 1.0 Professional
1 EDB exploit
NA
CVE-2001-0283
Directory traversal vulnerability in SunFTP build 9 allows remote malicious users to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT.
Sun Sun Ftp Build 9
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »