Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authentication manager vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-4657
Ocean12 Calendar Manager Pro 1.01 allows remote malicious users to bypass authentication and obtain sensitive information via a direct request to /admin/view.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Ocean12 Technologies Calendar Manager Pro 1.01
1 EDB exploit
6.8
CVSSv2
CVE-2009-4732
SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the tt_name parameter. NOTE: some of these details are obtained from third party information.
Technotoad Tt Web Site Manager 0.5
1 EDB exploit
6.8
CVSSv2
CVE-2009-4925
Multiple SQL injection vulnerabilities in Portale e-commerce Creasito (aka creasito e-commerce content manager) 1.3.16, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the username parameter to (1) admin/checkuser.php and (2) ...
Creasito Creasito E-commerce Content Manager 1.3.16
1 EDB exploit
6.5
CVSSv2
CVE-2017-16603
This vulnerability allows remote malicious users to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechan...
Netgain-systems Enterprise Manager 7.2.730
5.5
CVSSv2
CVE-2015-1487
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename.
Symantec Endpoint Protection Manager 12.1.0
1 EDB exploit
8.5
CVSSv2
CVE-2015-1489
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote authenticated users to gain privileges via unspecified vectors.
Symantec Endpoint Protection Manager 12.1.0
1 EDB exploit
7.5
CVSSv2
CVE-2015-1486
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote malicious users to bypass authentication via a crafted password-reset action that triggers a new administrative session.
Symantec Endpoint Protection Manager 12.1.0
1 EDB exploit
7.5
CVSSv2
CVE-2006-5777
Creasito E-Commerce Content Manager 1.3.08 allows remote malicious users to bypass authentication and perform privileged functions via a non-empty finame parameter to (1) addnewcont.php, (2) adminpassw.php, (3) amministrazione.php, (4) artins.php, (5) bgcolor.php, (6) cancartcat....
Creasito Creasito E-commerce Content Manager
1 EDB exploit
6.8
CVSSv2
CVE-2009-3218
SQL injection vulnerability in control/login.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
The-ghost Ar Web Content Manager 2.1
1 EDB exploit
6.8
CVSSv2
CVE-2009-3219
Directory traversal vulnerability in a.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the a parameter.
The-ghost Ar Web Content Manager 2.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »