Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pedro ribeiro vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-3996
SQL injection vulnerability in the LinkViewFetchServlet servlet in ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition prior to 9 build 90043, Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition pri...
Manageengine It360
Manageengine Password Manager Pro
Manageengine Desktop Central
1 EDB exploit
NA
CVE-2014-3997
SQL injection vulnerability in the MetadataServlet servlet in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition 5 through 7 build 7003, IT360 and IT360 Managed Service Providers (MSP) edition prior to 10.3.3 build 10330, and ...
Zohocorp Manageengine Password Manager Pro 5.2
Zohocorp Manageengine Password Manager Pro 5.4
Zohocorp Manageengine Password Manager Pro 6.2
Zohocorp Manageengine Password Manager Pro 6.4
Zohocorp Manageengine Password Manager Pro 6.5
Zohocorp Manageengine Password Manager Pro 6.6
Zohocorp Manageengine Password Manager Pro 6.9
Zohocorp Manageengine Password Manager Pro 7.0
Zohocorp Manageengine Password Manager Pro 5.0
Zohocorp Manageengine Password Manager Pro 6.0
Zohocorp Manageengine Password Manager Pro 6.1
Zohocorp Manageengine Password Manager Pro 6.7
Zohocorp Manageengine Password Manager Pro 6.8
Zohocorp Manageengine Password Manager Pro 5.1
Zohocorp Manageengine Password Manager Pro 5.3
Zohocorp Manageengine Password Manager Pro 6.3
Zohocorp Manageengine It360
1 EDB exploit
NA
CVE-2014-4872
BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote malicious users to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to (1) FileStorageService or ...
Bmc Track-it\\! 11.3.0.355
2 EDB exploits
1 Github repository
NA
CVE-2014-1836
Absolute path traversal vulnerability in htdocs/libraries/image-editor/image-edit.php in ImpressCMS prior to 1.3.6 allows remote malicious users to delete arbitrary files via a full pathname in the image_path parameter in a cancel action.
Impresscms Impresscms
1 EDB exploit
NA
CVE-2014-2921
The getObjectByToken function in Newsletter.php in the Pimcore_Tool_Newsletter module in pimcore 1.4.9 up to and including 2.0.0 does not properly handle an object obtained by unserializing Lucene search data, which allows remote malicious users to conduct PHP object injection at...
Pimcore Pimcore 2.1.0
Pimcore Pimcore 2.2.0
Pimcore Pimcore 1.5.0
Pimcore Pimcore 1.4.9
1 EDB exploit
7.5
CVSSv3
CVE-2019-1621
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote malicious user to gain access to sensitive files on an affected device. The vulnerability is due to incorrect permissions settings on affected ...
Cisco Data Center Network Manager 11.0\\(1\\)
NA
CVE-2015-2862
Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.x prior to 7.0.0.29, 8.x prior to 8.0.0.18, 9.0 prior to 9.0.0.14, and 9.1 prior to 9.1.0.4 allows remote authenticated users to read arbitrary files via a crafted HTTP request.
Kaseya Virtual System Administrator
1 EDB exploit
NA
CVE-2015-2863
Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x prior to 7.0.0.29, 8.x prior to 8.0.0.18, 9.0 prior to 9.0.0.14, and 9.1 prior to 9.1.0.4 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecifi...
Kaseya Virtual System Administrator
1 EDB exploit
9.8
CVSSv3
CVE-2016-10175
The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the /BRS_netgear_success.html URI. This serial number allows a user to obtain the administrator username and password, when used in combination with the CVE-2016-10176 vulnerability that allows rese...
Netgear Wnr2000v5 Firmware
1 EDB exploit
9.8
CVSSv3
CVE-2016-10176
The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the web server of the device. This special URL is handled by the embedded web server (uhttpd) and processed accordingly. The web server also contains another URL, ap...
Netgear Wnr2000v5 Firmware
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »