Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unauthorized vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2003-0752
SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and possibly earlier versions, allows remote malicious users to bypass authentication via a modified cook_id parameter.
Attila-php.net Attilaphp
1 EDB exploit
5
CVSSv2
CVE-2014-8036
The outlookpa component in Cisco WebEx Meetings Server does not properly validate API input, which allows remote malicious users to modify a meeting's invite list via a crafted URL, aka Bug ID CSCuj40254.
Cisco Webex Meetings Server -
5
CVSSv2
CVE-2018-0318
A vulnerability in the password reset function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote malicious user to gain unauthorized access to an affected device. The vulnerability is due to insufficient validation of a password reset request....
Cisco Prime Collaboration
Cisco Prime Collaboration Provisioning
5
CVSSv2
CVE-2018-0319
A vulnerability in the password recovery function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote malicious user to gain unauthorized access to an affected device. The vulnerability is due to insufficient validation of a password recovery re...
Cisco Prime Collaboration Provisioning
Cisco Prime Collaboration
7.5
CVSSv2
CVE-2005-0316
WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT requests to the localhost from external systems, which could allow remote malicious users to bypass intended access restrictions.
Webwasher Webwasher Classic 2.2.1
Webwasher Webwasher Classic 3.3
1 EDB exploit
5
CVSSv2
CVE-2003-1162
index.php in Tritanium Bulletin Board 1.2.3 allows remote malicious users to read and reply to arbitrary messages by modifying the thread_id, forum_id, and sid parameters.
Tritanium Scripts Tritanium Bulletin Board 1.2.1
Tritanium Scripts Tritanium Bulletin Board 1.2.2
Tritanium Scripts Tritanium Bulletin Board 1.1 Final
Tritanium Scripts Tritanium Bulletin Board 1.2
Tritanium Scripts Tritanium Bulletin Board 0.999 Beta
Tritanium Scripts Tritanium Bulletin Board 1.0 Beta
Tritanium Scripts Tritanium Bulletin Board 0.993 Beta
Tritanium Scripts Tritanium Bulletin Board 0.994 Beta
Tritanium Scripts Tritanium Bulletin Board 1.2.3
1 EDB exploit
2.1
CVSSv2
CVE-2021-34771
A vulnerability in the Cisco IOS XR Software CLI could allow an authenticated, local malicious user to view more information than their privileges allow. This vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker ...
Cisco Ios Xr
NA
CVE-2021-1410
A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authorization enforcement for requests...
6.5
CVSSv2
CVE-2015-0768
The Device Work Center (DWC) component in Cisco Prime Network Control System (NCS) 2.1(0.0.85), 2.2(0.0.58), and 2.2(0.0.69) does not properly implement AAA roles, which allows remote authenticated users to bypass intended access restrictions and execute commands via a login sess...
Cisco Prime Network Control System 2.1\\(0.0.85\\)
Cisco Prime Network Control System 2.2\\(0.0.58\\)
Cisco Prime Network Control System 2.2\\(0.0.69\\)
6.5
CVSSv2
CVE-2018-19359
GitLab Community and Enterprise Edition 8.9 and later and prior to 11.5.0-rc12, 11.4.6, and 11.3.10 has Incorrect Access Control.
Gitlab Gitlab 11.5.0
Gitlab Gitlab
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »