Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
h00die vulnerabilities and exploits
(subscribe to this query)
NA
CVE_2024_23759
A Remote Code Execution vulnerability in Gambio online webshop version 4.9.2.0 and lower allows remote attackers to run arbitrary commands via unauthenticated HTTP POST request. The identified vulnerability within Gambio pertains to an insecure deserialization...
1 Metasploit module
NA
CVE_2024_24725
A Remote Code Execution vulnerability in Gibbon online school platform version 26.0.00 and lower allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the endpoint `/modules/System%20Admin/import_run.php&...
1 Metasploit module
NA
CVE_2024_2054
A Command Injection vulnerability in Artica Proxy appliance version 4.50 and 4.40 allows remote attackers to run arbitrary commands via unauthenticated HTTP request. The Artica Proxy administrative web application will deserialize arbitrary PHP objects ...
1 Metasploit module
NA
CVE-2024-24725
Gibbon up to and including 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the modules/System%20Admin/import_run.php&type=externalAssessment&step=4 URI.
NA
CVE-2024-2054
The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user.
1 Github repository
NA
CVE-2021-458439
This Metasploit module is a Terramaster chained exploit that performs session crafting to achieve escalated privileges that allows an attacker to access vulnerable code execution flaws. TOS versions 4.2.15 and below are affected.
NA
CVE-2014-2630
Unspecified vulnerability in HP Operations Agent 11.00, when Glance is used, allows local users to gain privileges via unknown vectors.
Hp Operations Agent 11.0
1 Github repository
NA
CVE-2014-0038
The compat_sys_recvmmsg function in net/compat.c in the Linux kernel prior to 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter.
Linux Linux Kernel
Opensuse Opensuse 12.3
4 EDB exploits
4 Github repositories
NA
CVE-2013-3630
Moodle up to and including 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor.
Moodle Moodle 2.5.0
Moodle Moodle 2.4.1
Moodle Moodle 2.3.8
Moodle Moodle 2.3.1
Moodle Moodle 2.2.9
Moodle Moodle 2.2.2
Moodle Moodle 2.2.10
Moodle Moodle 2.1.7
Moodle Moodle 2.1.5
Moodle Moodle 2.0.9
Moodle Moodle 2.0.7
Moodle Moodle 2.0.0
Moodle Moodle 1.9.8
Moodle Moodle 1.9.3
Moodle Moodle 1.9.18
Moodle Moodle 1.9.11
Moodle Moodle 1.9.1
Moodle Moodle 1.8.4
Moodle Moodle 1.8.2
Moodle Moodle 1.8.10
Moodle Moodle 1.6.7
Moodle Moodle 1.6.0
1 EDB exploit
1 Metasploit module
NA
CVE-2009-4753
Multiple buffer overflows in the FTP server on the Addonics NAS Adapter NASU2FW41 with loader 1.17 allow remote malicious users to cause a denial of service (TCP/IP outage) via long arguments to the (1) XRMD, (2) delete, (3) RNFR, or (4) RNTO command.
Nas Adapter Nasu2fw41 1.17
Nas Adapter Nasu2fw41
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7