Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unauthorized vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2005-0316
WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT requests to the localhost from external systems, which could allow remote malicious users to bypass intended access restrictions.
Webwasher Webwasher Classic 2.2.1
Webwasher Webwasher Classic 3.3
1 EDB exploit
578
VMScore
CVE-2019-15956
A vulnerability in the web management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote malicious user to perform an unauthorized system reset on an affected device. The vulnerability is due to improper authorization c...
Cisco Asyncos
Cisco Web Security Appliance 10.5.2-072
Cisco Web Security Appliance 11.5.1-fcs-125
Cisco Web Security Appliance 11.7.0-fcs-418
436
VMScore
CVE-2014-0682
Cisco WebEx Meetings Server allows remote authenticated users to bypass authorization checks and (1) join arbitrary meetings, or (2) terminate a meeting without having a host role, via a crafted URL, aka Bug ID CSCuj42346.
Cisco Webex Meetings Server -
505
VMScore
CVE-2012-0902
AirTies Air 4450 1.1.2.18 allows remote malicious users to cause a denial of service (reboot) via a direct request to cgi-bin/loader.
Airties Air 4450 1.1.2.18
1 EDB exploit
505
VMScore
CVE-2003-1162
index.php in Tritanium Bulletin Board 1.2.3 allows remote malicious users to read and reply to arbitrary messages by modifying the thread_id, forum_id, and sid parameters.
Tritanium Scripts Tritanium Bulletin Board 1.2.1
Tritanium Scripts Tritanium Bulletin Board 1.2.2
Tritanium Scripts Tritanium Bulletin Board 1.1 Final
Tritanium Scripts Tritanium Bulletin Board 1.2
Tritanium Scripts Tritanium Bulletin Board 0.999 Beta
Tritanium Scripts Tritanium Bulletin Board 1.0 Beta
Tritanium Scripts Tritanium Bulletin Board 0.993 Beta
Tritanium Scripts Tritanium Bulletin Board 0.994 Beta
Tritanium Scripts Tritanium Bulletin Board 1.2.3
1 EDB exploit
187
VMScore
CVE-2017-6693
A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local malicious user to access information stored in the file system of an affected system, aka Unauthorized Directory Access. More Information: CSCvd76286. Known Aff...
Cisco Elastic Services Controller 2.2\\(9.76\\)
Cisco Elastic Services Controller 2.3\\(1\\)
578
VMScore
CVE-2017-12251
A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote malicious user to interact maliciously with the services or virtual machines (VMs) operating remotely on an affected CSP device. The vulnerability is due to wea...
Cisco Cloud Services Platform 2100 2.1.0
Cisco Cloud Services Platform 2100 2.2.2
Cisco Cloud Services Platform 2100 2.1.1
Cisco Cloud Services Platform 2100 2.1.2
Cisco Cloud Services Platform 2100 2.2.0
Cisco Cloud Services Platform 2100 2.2.1
578
VMScore
CVE-2015-0768
The Device Work Center (DWC) component in Cisco Prime Network Control System (NCS) 2.1(0.0.85), 2.2(0.0.58), and 2.2(0.0.69) does not properly implement AAA roles, which allows remote authenticated users to bypass intended access restrictions and execute commands via a login sess...
Cisco Prime Network Control System 2.1\\(0.0.85\\)
Cisco Prime Network Control System 2.2\\(0.0.58\\)
Cisco Prime Network Control System 2.2\\(0.0.69\\)
755
VMScore
CVE-2003-0752
SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and possibly earlier versions, allows remote malicious users to bypass authentication via a modified cook_id parameter.
Attila-php.net Attilaphp
1 EDB exploit
578
VMScore
CVE-2018-19359
GitLab Community and Enterprise Edition 8.9 and later and prior to 11.5.0-rc12, 11.4.6, and 11.3.10 has Incorrect Access Control.
Gitlab Gitlab 11.5.0
Gitlab Gitlab
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »