Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmed vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-38840
cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity (XXE) issue via XML file upload, which leads to local file disclosure.
Guralp Man-eam-0003 3.2.4
NA
CVE-2022-38841
Linksys AX3200 1.1.00 is vulnerable to OS command injection by authenticated users via shell metacharacters to the diagnostics traceroute page.
Linksys E8450 Firmware 1.1.00
10
CVSSv2
CVE-2021-4039
A command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware could allow an malicious user to execute arbitrary OS commands on the device.
Zyxel Nwa1100-nh Firmware
7.5
CVSSv2
CVE-2006-5166
PHP remote file inclusion vulnerability in functions.php in PHP Web Scripts Easy Banner Free allows remote malicious users to execute arbitrary PHP code via a URL in the s[phppath] parameter.
Php Web Scripts Easy Banner Free
1 EDB exploit
10
CVSSv2
CVE-2007-2783
Unspecified vulnerability in Rational Soft Hidden Administrator 1.7 and previous versions allows remote malicious users to bypass authentication and execute arbitrary code via unspecified vectors. NOTE: this issue has no actionable information, and perhaps should not be included ...
Rational Software Hidden Administrator
1 EDB exploit
NA
CVE-2023-0981
A vulnerability was found in SourceCodester Yoga Class Registration System 1.0. It has been classified as critical. Affected is an unknown function of the component Delete User. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remote...
Yoga Class Registration System Project Yoga Class Registration System 1.0
NA
CVE-2023-0982
A vulnerability was found in SourceCodester Yoga Class Registration System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Add Class Entry. The manipulation of the argument id leads to sql injection. The attack ca...
Yoga Class Registration System Project Yoga Class Registration System 1.0
NA
CVE-2023-0455
Unrestricted Upload of File with Dangerous Type in GitHub repository unilogies/bumsys prior to v1.0.3-beta.
Bumsys Project Bumsys 1.0.1
Bumsys Project Bumsys 1.0.0
Bumsys Project Bumsys 1.0.2
10
CVSSv2
CVE-2020-10569
SysAid On-Premise 20.1.11, by default, allows the AJP protocol port, which is vulnerable to a GhostCat attack. Additionally, it allows unauthenticated access to upload files, which can be used to execute commands on the system by chaining it with a GhostCat attack. NOTE: This may...
Sysaid On-premise 20.1.11
5
CVSSv2
CVE-2021-46378
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an unauthenticated remote configuration download.
Dlink Dir-850l Firmware 1.08trb03
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »