Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unauthorized vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-1643
The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) prior to 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of arbitrary users via a modified URL.
Symantec Encryption Management Server 3.3.0
Symantec Encryption Management Server
6.5
CVSSv3
CVE-2016-1477
Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891.
Cisco Connected Streaming Analytics 1.1.1 Base
NA
CVE-2002-0589
PVote prior to 1.9 allows remote malicious users to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password.
Steve Korbett Pvote 1.0a
Steve Korbett Pvote 1.0b
Steve Korbett Pvote 1.5
Steve Korbett Pvote 1.0
1 EDB exploit
NA
CVE-2007-1156
JBrowser allows remote malicious users to bypass authentication and access certain administrative capabilities via a direct request for _admin/.
Man Machine Systems Jbrowser
1 EDB exploit
NA
CVE-2006-1213
JiRo's Banner System Experience and Professional 1.0 and previous versions allows remote malicious users to bypass access restrictions and gain privileges via a direct request to certain scripts in the files directory, as demonstrated by using addadmin.asp to create a new ad...
Jiro Banner System 1.0 Experience
Jiro Banner System 1.0 Professional
1 EDB exploit
NA
CVE-2007-6056
frame.html in Aida-Web (Aida Web) allows remote malicious users to bypass a protection mechanism and obtain comment and task details via modified values to the (1) Mehr and (2) SUPER parameters.
Aida-orga Aida-web
1 EDB exploit
NA
CVE-2007-5918
Cross-site request forgery (CSRF) vulnerability in edit.php in the MS TopSites add-on for PHP-Nuke does not verify that the uname parameter matches the current account, which allows remote authenticated users to change arbitrary accounts or change the SiteTitleName field as an ar...
Ms Topsites Ms Topsites
1 EDB exploit
5.3
CVSSv3
CVE-2020-3542
A vulnerability in Cisco Webex Training could allow an authenticated, remote malicious user to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. ...
Cisco Webex Training
9.8
CVSSv3
CVE-2019-15260
A vulnerability in Cisco Aironet Access Points (APs) Software could allow an unauthenticated, remote malicious user to gain unauthorized access to a targeted device with elevated privileges. The vulnerability is due to insufficient access control for certain URLs on an affected d...
Cisco Aironet 1540 Firmware
Cisco Aironet 1560 Firmware
Cisco Aironet 1800 Firmware
Cisco Aironet 2800 Firmware
Cisco Aironet 3800 Firmware
Cisco Aironet 4800 Firmware
8
CVSSv3
CVE-2019-1647
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, adjacent malicious user to bypass authentication and have direct unauthorized access to other vSmart containers. The vulnerability is due to an insecure default configuration of the affected system. An att...
Cisco Sd-wan
Cisco Vsmart Controller -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »