Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redteam-pentesting.de vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-9843
The REST API in CyberArk Password Vault Web Access prior to 9.9.5 and 10.x prior to 10.1 allows remote malicious users to execute arbitrary code via a serialized .NET object in an Authorization HTTP header.
Cyberark Password Vault
1 EDB exploit
6.8
CVSSv2
CVE-2008-0300
mapFiler.php in Mapbender 2.4 to 2.4.4 allows remote malicious users to execute arbitrary PHP code via PHP code sequences in the factor parameter, which are not properly handled when accessing a filename that contains those sequences.
Mapbender Mapbender 2.4.1
Mapbender Mapbender 2.4.2
Mapbender Mapbender 2.4.3
Mapbender Mapbender 2.4.4
Mapbender Mapbender 2.4
1 EDB exploit
7.5
CVSSv2
CVE-2008-0301
Multiple SQL injection vulnerabilities in Mapbender 2.4.4 allow remote malicious users to execute arbitrary SQL commands via the gaz parameter to mod_gazetteer_edit.php and other unspecified vectors.
Mapbender Mapbender 2.4.2
Mapbender Mapbender 2.4.3
Mapbender Mapbender 2.4.4
Mapbender Mapbender 2.4
Mapbender Mapbender 2.4.1
1 EDB exploit
7.5
CVSSv2
CVE-2014-6235
Unspecified vulnerability in the ke DomPDF extension prior to 0.0.5 for TYPO3 allows remote malicious users to execute arbitrary code via unknown vectors.
Kennziffer Ke Dompdf
1 EDB exploit
6.5
CVSSv2
CVE-2007-3013
SQL injection vulnerability in activeWeb contentserver prior to 5.6.2964 allows remote authenticated users with edit permission to execute arbitrary SQL commands via the id parameter to admin/picture/picture_real_edit.asp, and probably other unspecified vectors.
Activeweb Contentserver
1 EDB exploit
7.8
CVSSv2
CVE-2014-8868
EntryPass N5200 Active Network Control Panel does not properly restrict access, which allows remote malicious users to obtain the administrator username and password, and possibly other sensitive information, via a request to /4.
Entrypass N5200 Active Network Control Panel -
1 EDB exploit
4.3
CVSSv2
CVE-2009-1467
Multiple cross-site scripting (XSS) vulnerabilities in IceWarp eMail Server and WebMail Server prior to 9.4.2 allow remote malicious users to inject arbitrary web script or HTML via (1) the body of a message, related to the email view and incorrect HTML filtering in the cleanHTML...
Icewarp Webmail Server 2.10.115
Icewarp Webmail Server 2.10.150
Icewarp Webmail Server 2.10.240
Icewarp Webmail Server 2.10.250
Icewarp Webmail Server 2.10.340
Icewarp Webmail Server 2.10.350
Icewarp Webmail Server 3.10.110
Icewarp Webmail Server 4.00.30
Icewarp Webmail Server 4.4.2
Icewarp Webmail Server 5.1.2
Icewarp Webmail Server 5.5.3
Icewarp Webmail Server 5.5.4
Icewarp Webmail Server 5.8.4
Icewarp Webmail Server 5.8.5
Icewarp Webmail Server 6.1.0
Icewarp Webmail Server 6.2.1
Icewarp Webmail Server 7.4.5
Icewarp Webmail Server 7.5.2
Icewarp Webmail Server 8.2.2
Icewarp Webmail Server 8.3.5
Icewarp Webmail Server 2.10.110
Icewarp Webmail Server 9.2.0
2 EDB exploits
4.3
CVSSv2
CVE-2009-1469
CRLF injection vulnerability in the Forgot Password implementation in server/webmail.php in IceWarp eMail Server and WebMail Server prior to 9.4.2 makes it easier for remote malicious users to trick a user into disclosing credentials via CRLF sequences preceding a Reply-To header...
Icewarp Webmail Server 2.10.170
Icewarp Webmail Server 2.10.200
Icewarp Webmail Server 2.10.290
Icewarp Webmail Server 2.10.320
Icewarp Webmail Server 3.00.120
Icewarp Webmail Server 3.00.130
Icewarp Webmail Server 4.2.1
Icewarp Webmail Server 4.2.2
Icewarp Webmail Server 5.4.1
Icewarp Webmail Server 5.4.2
Icewarp Webmail Server 5.5.7
Icewarp Webmail Server 5.7.3
Icewarp Webmail Server 6.0.2
Icewarp Webmail Server 6.0.3
Icewarp Webmail Server 6.0.5
Icewarp Webmail Server 7.1.6
Icewarp Webmail Server 7.2.0
Icewarp Webmail Server 8.0.1
Icewarp Webmail Server 8.0.3
Icewarp Webmail Server 8.9.1
Icewarp Webmail Server 9.0.0
Icewarp Webmail Server 9.1.0
1 EDB exploit
7.5
CVSSv2
CVE-2011-0751
Directory traversal vulnerability in nhttpd (aka Nostromo webserver) prior to 1.9.4 allows remote malicious users to execute arbitrary programs or read arbitrary files via a ..%2f (encoded dot dot slash) in a URI.
Nazgul Nostromo
Nazgul Nostromo 1.8.5
Nazgul Nostromo 1.8.4
Nazgul Nostromo 1.7.7
Nazgul Nostromo 1.7.6
Nazgul Nostromo 1.6
Nazgul Nostromo 1.5.1
Nazgul Nostromo 1.8.7
Nazgul Nostromo 1.8.6
Nazgul Nostromo 1.7.9
Nazgul Nostromo 1.7.8
Nazgul Nostromo 1.7.1
Nazgul Nostromo 1.7
Nazgul Nostromo 1.0
Nazgul Nostromo 0.9
Nazgul Nostromo 0.2
Nazgul Nostromo 0.1
Nazgul Nostromo 1.9.2
Nazgul Nostromo 1.9.1
Nazgul Nostromo 1.8.3
Nazgul Nostromo 1.8.2
Nazgul Nostromo 1.7.5
1 EDB exploit
2 Github repositories
7.5
CVSSv2
CVE-2014-2303
Multiple SQL injection vulnerabilities in the file browser component (we_fs.php) in webEdition CMS prior to 6.2.7-s1.2 and 6.3.x up to and including 6.3.8 before -s1 allow remote malicious users to execute arbitrary SQL commands via the (1) table or (2) order parameter.
Webedition Webedition Cms 6.3.8.0
Webedition Webedition Cms 6.3.3.0
Webedition Webedition Cms 6.2.7.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »