Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unauthorized vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2002-1884
index.php in Py-Membres 3.1 allows remote malicious users to log in as an administrator by setting the pymembs parameter to "admin".
Py-membres Py-membres 3.1
1 EDB exploit
NA
CVE-2022-20861
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote malicious user to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the D...
Cisco Nexus Dashboard
445
VMScore
CVE-2017-6624
A vulnerability in Cisco IOS 15.5(3)M Software for Cisco CallManager Express (CME) could allow an unauthenticated, remote malicious user to make unauthorized phone calls. The vulnerability is due to a configuration restriction in the toll-fraud protections component of the affect...
Cisco Ios 15.5\\(3\\)m
668
VMScore
CVE-2003-0162
Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote malicious users to reset passwords of other users and gain privileges by modifying hidden form fields in the HTML page.
Ecartis Ecartis 1.0.0 Snapshot 2002-10-13
505
VMScore
CVE-2002-2169
Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote malicious users to conduct unauthorized activities, such as adding buddies and groups to a user's buddy list, via a URL with a META HTTP-EQUIV="refresh" t...
Aol Instant Messenger 4.7
Aol Instant Messenger 4.5
Aol Instant Messenger 4.7.2480
1 EDB exploit
890
VMScore
CVE-2017-6713
A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote malicious user to gain full access to the affected system. The vulnerability is due to static, default credentials for the Cisco ESC UI that are shared between ...
Cisco Elastic Services Controller 2.0
Cisco Elastic Services Controller 1.1.0
Cisco Elastic Services Controller 2.2.0
Cisco Elastic Services Controller 1.0.0
Cisco Elastic Services Controller 2.3.0
Cisco Elastic Services Controller 2.1.0
409
VMScore
CVE-2001-0567
Digital Creations Zope 2.3.2 and previous versions allows a local malicious user to gain additional privileges via the changing of ZClass permission mappings for objects and methods in the ZClass.
Zope Zope 7.1
Zope Zope 7.2
505
VMScore
CVE-2005-1817
Invision Power Board (IPB) 1.0 up to and including 1.3 allows remote malicious users to edit arbitrary forum posts via a direct request to index.php with modified parameters.
Invision Power Services Invision Board 1.0
Invision Power Services Invision Board 1.0.1
Invision Power Services Invision Board 1.1.1
Invision Power Services Invision Board 1.1.2
Invision Power Services Invision Board 1.2
Invision Power Services Invision Board 1.3 Final
Invision Power Services Invision Board 1.3
1 EDB exploit
356
VMScore
CVE-2014-1643
The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) prior to 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of arbitrary users via a modified URL.
Symantec Encryption Management Server 3.3.0
Symantec Encryption Management Server
755
VMScore
CVE-2007-1156
JBrowser allows remote malicious users to bypass authentication and access certain administrative capabilities via a direct request for _admin/.
Man Machine Systems Jbrowser
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »