Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authenticate vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-34887
Standard users can directly operate and set printer configuration information , such as IP, in some Lenovo Printers without having to authenticate with the administrator password.
Lenovo Gm265dn Firmware -
Lenovo Gm266dns Firmware
Lenovo G263dns Firmware
NA
CVE-2002-2054
TeeKai Forum 1.2 allows remote malicious users to authenticate as the administrator and and gain privileged web forum access by setting the valid_level cookie to admin.
Teekai Teekai Forum 1.2
NA
CVE-2014-7984
Joomla! CMS 2.5.x prior to 2.5.19 and 3.x prior to 3.2.3 allows remote malicious users to authenticate and bypass intended restrictions via vectors involving GMail authentication.
Joomla Joomla\\! 2.5.15
Joomla Joomla\\! 2.5.16
Joomla Joomla\\! 2.5.17
Joomla Joomla\\! 2.5.18
Joomla Joomla\\! 3.1.0
Joomla Joomla\\! 3.1.1
Joomla Joomla\\! 3.1.2
Joomla Joomla\\! 3.1.3
Joomla Joomla\\! 2.5.12
Joomla Joomla\\! 2.5.14
Joomla Joomla\\! 2.5.2
Joomla Joomla\\! 2.5.4
Joomla Joomla\\! 3.0.1
Joomla Joomla\\! 3.0.3
Joomla Joomla\\! 3.1.5
Joomla Joomla\\! 3.2.0
Joomla Joomla\\! 2.5.0
Joomla Joomla\\! 2.5.1
Joomla Joomla\\! 2.5.10
Joomla Joomla\\! 2.5.6
Joomla Joomla\\! 2.5.7
Joomla Joomla\\! 2.5.8
NA
CVE-2004-2100
GeoHttpServer, when configured to authenticate users, allows remote malicious users to bypass authentication and access unauthorized files via a URL that contains %0a%0a (encoded newlines).
Geovision Geohttpserver
NA
CVE-2006-2893
index.php in GANTTy 1.0.3 allows remote malicious users to obtain the full path of the web server via an invalid lang parameter in an authenticate action.
Gantty Gantty 1.0.3
5.3
CVSSv3
CVE-2017-7639
QNAP NAS application Proxy Server through version 1.2.0 does not authenticate requests properly. Successful exploitation can lead to change of the settings of Proxy Server.
Qnap Nas Proxy Server
9.8
CVSSv3
CVE-2022-23178
An issue exists on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document wi...
Crestron Hd-md4x2-4k-e Firmware 1.0.0.2159
1 Github repository
NA
CVE-2007-5466
Multiple buffer overflows in eXtremail 2.1.1 and previous versions allow remote malicious users to (1) have an unknown impact by sending multiple long strings to the IMAP port (143/tcp); (2) execute arbitrary code via a long string in an IMAP AUTHENTICATE PLAIN action, involving ...
Extremail Extremail
3 EDB exploits
6.1
CVSSv3
CVE-2022-27461
In nopCommerce 4.50.1, an open redirect vulnerability can be triggered by luring a user to authenticate to a nopCommerce page by clicking on a crafted link.
Nopcommerce Nopcommerce
5.9
CVSSv3
CVE-2023-31580
light-oauth2 before version 2.1.27 obtains the public key without any verification. This could allow malicious users to authenticate to the application with a crafted JWT token.
Networknt Light-oauth2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »