Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xml-rpc vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0089
The SimpleXMLRPCServer library module in Python 2.2, 2.3 prior to 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote malicious users to read or modify globals of the associated module,...
Python Python 2.4.0
Python Python
6.1
CVSSv3
CVE-2017-14615
An FBX-5313 issue exists in WatchGuard Fireware prior to 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded to be consumed by XML parsers, is embedded as value of the user element, the code will be render...
Watchguard Fireware
8.6
CVSSv3
CVE-2017-9062
In WordPress prior to 4.7.5, there is improper handling of post meta data values in the XML-RPC API.
Wordpress Wordpress
Debian Debian Linux 9.0
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2017-9065
In WordPress prior to 4.7.5, there is a lack of capability checks for post meta data in the XML-RPC API.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 9.0
9.8
CVSSv3
CVE-2019-5434
An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() call on the "what" parameter in the "openads.spc" RPC method. Such vulnerability could be used to perform various types of attacks, e.g. exploi...
Revive-sas Revive Adserver
1 EDB exploit
NA
CVE-2007-1897
SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users to execute arbitrary SQL commands via a string parameter value in an XML RPC mt.setPostCategories method call, related to the post_id variable.
Wordpress Wordpress
Wordpress Wordpress 2.1
Wordpress Wordpress 2.1.1
1 EDB exploit
9.8
CVSSv3
CVE-2022-26318
On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS prior to 12.7.2_U2, 12.x prior to 12.1.3_U8, and 12.2.x up to and including 12.5.x prior to 12.5.9_U2.
Watchguard Fireware
Watchguard Fireware 12.1.3
Watchguard Fireware 12.7.2
Watchguard Fireware 12.5.9
2 Github repositories
NA
CVE-2010-0599
Cisco Mediator Framework 1.5.1 prior to 1.5.1.build.14-eng, 2.2 prior to 2.2.1.dev.1, and 3.0 prior to 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt XML RPC sessions from operator workstations, wh...
Cisco Mediator Framework 2.2
Cisco Mediator Framework 3.0.8
Cisco Mediator Framework 1.5.1
7.5
CVSSv3
CVE-2016-3163
The XML-RPC system in Drupal 6.x prior to 6.38 and 7.x prior to 7.43 might make it easier for remote malicious users to conduct brute-force attacks via a large number of calls made at once to the same method.
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Drupal Drupal 7.7
Drupal Drupal 7.6
Drupal Drupal 7.5
Drupal Drupal 7.4
Drupal Drupal 7.24
Drupal Drupal 7.23
Drupal Drupal 7.22
Drupal Drupal 7.21
Drupal Drupal 7.0
Drupal Drupal 6.37
Drupal Drupal 6.8
Drupal Drupal 6.7
Drupal Drupal 6.6
Drupal Drupal 6.5
Drupal Drupal 6.26
Drupal Drupal 6.25
Drupal Drupal 6.24
Drupal Drupal 6.23
Drupal Drupal 6.10
Drupal Drupal 6.1
NA
CVE-2014-0661
The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx prior to 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx prior to 6.0.4(11), allows remote malicious users to execute arbitrary commands or cause a denial of service (st...
Cisco Telepresence System Software 1.9.3\\(44\\)
Cisco Telepresence System Software 1.9.2\\(19\\)
Cisco Telepresence System Software 1.8.1\\(34\\)
Cisco Telepresence System Software 1.8.0\\(55\\)
Cisco Telepresence System Software 1.9.5\\(7\\)
Cisco Telepresence System Software 1.9.4\\(19\\)
Cisco Telepresence System Software 1.8.3\\(4\\)
Cisco Telepresence System Software 1.8.2\\(11\\)
Cisco Telepresence System Software 1.10.0\\(259\\)
Cisco Telepresence System Software 1.10.0
Cisco Telepresence System Software 1.9.1\\(68\\)
Cisco Telepresence System Software 1.9.0\\(46\\)
Cisco Telepresence System Software 1.7.6\\(4\\)
Cisco Telepresence System Software 1.7.5\\(42\\)
Cisco Telepresence System Software 1.10.1
Cisco Telepresence System Software 1.9.6.1\\(3\\)
Cisco Telepresence System Software 1.9.6\\(2\\)
Cisco Telepresence System Software 1.8.5\\(4\\)
Cisco Telepresence System Software 1.8.4\\(13\\)
Cisco Telepresence System Software 1.5.10\\(3648\\)
Cisco Telepresence System Software
Cisco Telepresence System 3010
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »