Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bypass vulnerabilities and exploits
(subscribe to this query)
7.3
CVSSv3
CVE-2016-8380
The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication.
Phoenixcontact Ilc Plcs Firmware -
1 EDB exploit
7.5
CVSSv3
CVE-2016-3237
Kerberos in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows man-in-the-middle malicious users to bypass authentication via vectors related to a...
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows 8.1 -
Microsoft Windows Server 2008 R2
Microsoft Windows 10 1511
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows 10 -
Microsoft Windows Rt -
Microsoft Windows 7 -
Microsoft Windows Vista -
1 EDB exploit
9.8
CVSSv3
CVE-2018-11094
An issue exists on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, passwo...
Intelbras Ncloud 300 Firmware 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-14244
An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows malicious users to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi.
Iball Ib-wra150n Firmware Fw Ib-lr7011a 1.0.2
1 EDB exploit
1 Github repository
6.1
CVSSv3
CVE-2012-1915
EllisLab CodeIgniter 2.1.2 allows remote malicious users to bypass the xss_clean() Filter and perform XSS attacks.
Codeigniter Codeigniter
1 EDB exploit
NA
CVE-2012-2388
The GMP Plugin in strongSwan 4.2.0 up to and including 4.6.3 allows remote malicious users to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
Strongswan Strongswan 4.2.16
Strongswan Strongswan 4.2.9
Strongswan Strongswan 4.2.6
Strongswan Strongswan 4.2.15
Strongswan Strongswan 4.2.1
Strongswan Strongswan 4.3.2
Strongswan Strongswan 4.6.0
Strongswan Strongswan 4.6.1
Strongswan Strongswan 4.4.1
Strongswan Strongswan 4.2.11
Strongswan Strongswan 4.2.10
Strongswan Strongswan 4.2.5
Strongswan Strongswan 4.2.0
Strongswan Strongswan 4.3.5
Strongswan Strongswan 4.4.0
Strongswan Strongswan 4.5.1
Strongswan Strongswan 4.5.0
Strongswan Strongswan 4.2.13
Strongswan Strongswan 4.2.12
Strongswan Strongswan 4.2.3
Strongswan Strongswan 4.2.4
Strongswan Strongswan 4.3.4
7.3
CVSSv3
CVE-2016-8371
The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled.
Phoenixcontact Ilc Plcs Firmware -
1 EDB exploit
NA
CVE-2012-5469
The Portable phpMyAdmin plugin prior to 1.3.1 for WordPress allows remote malicious users to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.
Phpmyadmin Phpmyadmin 1.2.7
Phpmyadmin Phpmyadmin 1.2.6
Phpmyadmin Phpmyadmin 1.2.5
Phpmyadmin Phpmyadmin 1.2.4
Phpmyadmin Phpmyadmin 1.0.1
Phpmyadmin Phpmyadmin 1.0.0
Phpmyadmin Phpmyadmin 1.3
Phpmyadmin Phpmyadmin 1.2.9.5
Phpmyadmin Phpmyadmin 1.2.9.4
Phpmyadmin Phpmyadmin 1.2.9.3
Phpmyadmin Phpmyadmin 1.1
Phpmyadmin Phpmyadmin 1.0.8
Phpmyadmin Phpmyadmin 1.0.7
Phpmyadmin Phpmyadmin 1.0.6
Phpmyadmin Phpmyadmin 1.2.9.1
Phpmyadmin Phpmyadmin 1.2.8
Phpmyadmin Phpmyadmin 1.2.3
Phpmyadmin Phpmyadmin 1.2.1
Phpmyadmin Phpmyadmin 1.0.5
Phpmyadmin Phpmyadmin 1.0.3
Phpmyadmin Phpmyadmin 1.2.9.2
Phpmyadmin Phpmyadmin 1.2.9
1 EDB exploit
NA
CVE-2012-0913
SQL injection vulnerability in checklogin.aspx in ICloudCenter ICTimeAttendance 1.0 allows remote malicious users to execute arbitrary SQL commands via the passw parameter. NOTE: Some of these details are obtained from third party information.
Icloudcenter Ictimeattendance 1.0
1 EDB exploit
NA
CVE-2014-7237
lib/TWiki/Sandbox.pm in TWiki 6.0.0 and previous versions, when running on Windows, allows remote malicious users to bypass intended access restrictions and upload files with restricted names via a null byte (%00) in a filename to bin/upload.cgi, as demonstrated using .htaccess t...
Twiki Twiki
Microsoft Windows -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »