Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
weather vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2008-1348
Cross-site scripting (XSS) vulnerability in index.php in the eWebsite eWeather (Weather) module for PHP-Nuke allows remote malicious users to inject arbitrary web script or HTML via the chart parameter to modules.php.
Ewebsite Eweather
1 EDB exploit
694
VMScore
CVE-2018-18878
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, the BACnet daemon does not properly validate input, which could allow a remote malicious user to send specially crafted packets causing the device to become unavailable.
Columbiaweather Weather Microserver Firmware Ms 2.6.9900
578
VMScore
CVE-2019-6487
TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3.0) are affected by command injection (after login) leading to remote code execution, because shell metacharacters can be included in the weather get_weather_observe citycode field.
Tp-link Tl-wdr5620 Firmware
Tp-link Tl-wdr3500 Firmware
Tp-link Tl-wdr3600 Firmware
Tp-link Tl-wdr4300 Firmware
Tp-link Tl-wdr4900 Firmware
605
VMScore
CVE-2018-1000048
NASA RtRetrievalFramework version v1.0 contains a CWE-502 vulnerability in Data retrieval functionality of RtRetrieval framework that can result in remote code execution. This attack appear to be exploitable via Victim tries to retrieve and process a weather data file.
Nasa Rtretrievalframework 1.0
605
VMScore
CVE-2018-1000045
NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library (Weather data) that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fix...
Nasa Singledop 1.0
383
VMScore
CVE-2014-4587
Multiple cross-site scripting (XSS) vulnerabilities in the WP GuestMap plugin 1.8 and previous versions for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) zl, (2) mt, or (3) dc parameter to guest-locator.php; the (4) zl, (5) mt, (6) acti...
Wp Guestmap Project Wp Guestmap Project
828
VMScore
CVE-2021-43844
MSEdgeRedirect is a tool to redirect news, search, widgets, weather, and more to a user's default browser. MSEdgeRedirect versions prior to 0.5.0.1 are vulnerable to Remote Code Execution via specifically crafted URLs. This vulnerability requires user interaction and the acc...
Msedgeredirect Project Msedgeredirect
694
VMScore
CVE-2013-5478
Cisco IOS 15.0 up to and including 15.3 and IOS XE 3.2 up to and including 3.8, when a VRF interface exists, allows remote malicious users to cause a denial of service (interface queue wedge) via crafted UDP RSVP packets, aka Bug ID CSCuf17023.
Cisco Ios 15.1
Cisco Ios 15.0
Cisco Ios 15.3
Cisco Ios 15.2
Cisco Ios Xe 3.2.1s
Cisco Ios Xe 3.2.1sg
Cisco Ios Xe 3.2.2s
Cisco Ios Xe 3.2.2sg
Cisco Ios Xe 3.4.4s
Cisco Ios Xe 3.4.5s
Cisco Ios Xe 3.4.xs
Cisco Ios Xe 3.5.0s
Cisco Ios Xe 3.8.0s
Cisco Ios Xe 3.3.1sg
Cisco Ios Xe 3.3.2s
Cisco Ios Xe 3.3.3s
Cisco Ios Xe 3.4.0as
Cisco Ios Xe 3.6.1s
Cisco Ios Xe 3.6.2s
Cisco Ios Xe 3.7.0s
Cisco Ios Xe 3.7.1s
Cisco Ios Xe 3.2.0s
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5