Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hyp3rlinx vulnerabilities and exploits
(subscribe to this query)
5.7
CVSSv3
CVE-2016-4315
Cross-site request forgery (CSRF) vulnerability in WSO2 Carbon 4.4.5 allows remote malicious users to hijack the authentication of privileged users for requests that shutdown a server via a shutdown action to server-admin/proxy_ajaxprocessor.jsp.
Wso2 Carbon 4.4.5
1 EDB exploit
7.5
CVSSv3
CVE-2017-9024
Secure Bytes Cisco Configuration Manager, as bundled in Secure Bytes Secure Cisco Auditor (SCA) 3.0, has a Directory Traversal issue in its TFTP Server, allowing malicious users to read arbitrary files via ../ sequences in a pathname.
Secure-bytes Secure Cisco Auditor 3.0
1 EDB exploit
7.5
CVSSv3
CVE-2017-9415
Cross-site request forgery (CSRF) vulnerability in subsonic 6.1.1 allows remote attackers with knowledge of the target username to hijack the authentication of users for requests that change passwords via a crafted request to userSettings.view.
Subsonic Subsonic 6.1.1
1 EDB exploit
7.5
CVSSv3
CVE-2018-15745
Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter.
Argussurveillance Dvr 4.0.0.0
1 EDB exploit
3.3
CVSSv3
CVE-2018-16252
FsPro Labs Event Log Explorer 4.6.1.2115 has ".elx" FileType XML External Entity Injection.
Fspro Event Log Explorer 4.6.1.2115
1 EDB exploit
6.1
CVSSv3
CVE-2017-12971
Cross-site scripting (XSS) vulnerability in Apache2Triad 1.5.4 allows remote malicious users to inject arbitrary web script or HTML via the account parameter to phpsftpd/users.php.
Apache2triad Apache2triad 1.5.4
1 EDB exploit
6.1
CVSSv3
CVE-2017-16884
Cross-site scripting (XSS) vulnerability in MistServer prior to 2.13 allows remote malicious users to inject arbitrary web script or HTML via vectors related to failed authentication requests alerts.
Mistserver Mistserver
1 EDB exploit
7.5
CVSSv3
CVE-2018-7583
Proxy.exe in DualDesk 20 allows Remote Denial Of Service (daemon crash) via a long string to TCP port 5500.
Advantig Dualdesk 20
1 EDB exploit
7.8
CVSSv3
CVE-2018-10655
DLPnpAuditor.exe in DeviceLock Plug and Play Auditor (freeware) 5.72 has a Unicode Buffer Overflow (SEH).
Devicelock Plug And Play Auditor 5.72
1 EDB exploit
4.7
CVSSv3
CVE-2017-10273
Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Deployment). Supported versions that are affected are 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.2.0. Difficult to exploit vulnerability allows high privileged a...
Oracle Jdeveloper 11.1.1.7.0
Oracle Jdeveloper 11.1.2.4.0
Oracle Jdeveloper 12.1.3.0.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Jdeveloper 11.1.1.7.1
Oracle Jdeveloper 12.2.1.2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »