Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pedro ribeiro vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-4873
SQL injection vulnerability in TrackItWeb/Grid/GetData in BMC Track-It! 11.3.0.355 allows remote authenticated users to execute arbitrary SQL commands via crafted POST data.
Bmc Track-it\\! 11.3.0.355
1 EDB exploit
NA
CVE-2014-4874
BMC Track-It! 11.3.0.355 allows remote authenticated users to read arbitrary files by visiting the TrackItWeb/Attachment page.
Bmc Track-it\\! 11.3.0.355
1 EDB exploit
NA
CVE-2014-3997
SQL injection vulnerability in the MetadataServlet servlet in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition 5 through 7 build 7003, IT360 and IT360 Managed Service Providers (MSP) edition prior to 10.3.3 build 10330, and ...
Zohocorp Manageengine Password Manager Pro 5.2
Zohocorp Manageengine Password Manager Pro 5.4
Zohocorp Manageengine Password Manager Pro 6.2
Zohocorp Manageengine Password Manager Pro 6.4
Zohocorp Manageengine Password Manager Pro 6.5
Zohocorp Manageengine Password Manager Pro 6.6
Zohocorp Manageengine Password Manager Pro 6.9
Zohocorp Manageengine Password Manager Pro 7.0
Zohocorp Manageengine Password Manager Pro 5.0
Zohocorp Manageengine Password Manager Pro 6.0
Zohocorp Manageengine Password Manager Pro 6.1
Zohocorp Manageengine Password Manager Pro 6.7
Zohocorp Manageengine Password Manager Pro 6.8
Zohocorp Manageengine Password Manager Pro 5.1
Zohocorp Manageengine Password Manager Pro 5.3
Zohocorp Manageengine Password Manager Pro 6.3
Zohocorp Manageengine It360
1 EDB exploit
5.4
CVSSv3
CVE-2016-1596
Multiple cross-site scripting (XSS) vulnerabilities in Micro Focus Novell Service Desk prior to 7.2 allow remote authenticated users to inject arbitrary web script or HTML via a certain (1) user name, (2) tf_aClientFirstName, (3) tf_aClientLastName, (4) ta_selectedTopicContent, (...
Novell Service Desk
1 EDB exploit
NA
CVE-2014-8499
Multiple SQL injection vulnerabilities in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition prior to 7.1 build 7105 allow remote authenticated users to execute arbitrary SQL commands via the SEARCH_ALL parameter to (1) SQLAdv...
Manageengine Password Manager Pro
1 EDB exploit
9.8
CVSSv3
CVE-2016-6598
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service (FileStorageService) on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. This can be used to uploa...
Bmc Track-it\\!
Bmc Track-it\\! 11.4
1 EDB exploit
9.8
CVSSv3
CVE-2016-6599
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service (ConfigurationService) on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the application database name, username and passwo...
Bmc Track-it\\!
Bmc Track-it\\! 11.4
1 EDB exploit
9.8
CVSSv3
CVE-2016-6600
Directory traversal vulnerability in the file upload functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote malicious users to upload and execute arbitrary JSP files via a .. (dot dot) in the fileName parameter to servlets/FileUploadServlet.
Zohocorp Webnms Framework 5.2
1 EDB exploit
9.8
CVSSv3
CVE-2016-6602
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent malicious users to obtain cleartext passwords by leveraging access to WEB-INF/conf/securitydbData.xml. NOTE: this issue can be combined with CVE-2016-6601 for...
Zohocorp Webnms Framework 5.2
1 EDB exploit
9.8
CVSSv3
CVE-2016-6603
ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote malicious users to bypass authentication and impersonate arbitrary users via the UserName HTTP header.
Zohocorp Webnms Framework 5.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »