Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
r vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-21934
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘imei_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
Advantech R-seenet 2.4.15
8.8
CVSSv3
CVE-2021-21936
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘health_alt_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
Advantech R-seenet 2.4.15
NA
CVE-2007-4750
Unspecified vulnerability in RemoteDocs R-Viewer prior to 1.6.3768 allows user-assisted remote malicious users to execute arbitrary code via a crafted RDZ archive in which the first file has an executable extension.
Data-vision Remotedocs R-viewer
NA
CVE-2007-4751
RemoteDocs R-Viewer prior to 1.6.3768 stores encrypted RDZ file data in unencrypted temporary files, which allows local users to obtain sensitive information by reading the temporary files.
Data-vision Remotedocs R-viewer
5.3
CVSSv3
CVE-2020-13896
The web interface of Maipu MP1800X-50 7.5.3.14(R) devices allows remote malicious users to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation t...
Maipu Mp1800x-50 Firmware 7.5.3.14\\(r\\)
NA
CVE-2000-0379
The Netopia R9100 router does not prevent authenticated users from modifying SNMP tables, even if the administrator has configured it to do so.
Netopia R-series Routers 4.6.2
1 EDB exploit
NA
CVE-2002-1752
csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote malicious users to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
Cgiscript Cschat-r-box 1.0
NA
CVE-2002-1577
SAP R/3 2.0B to 4.6D installs several clients with default users and passwords, which allows remote malicious users to gain privileges via the (1) SAP*, (2) SAPCPIC, (3) DDIC, (4) EARLYWATCH, or (5) TMSADM accounts.
Sap Sap R 3 2.0b To 4.6d
NA
CVE-2006-1781
PHP remote file inclusion vulnerability in functions.php in Circle R Monster Top List (MTL) 1.4 allows remote malicious users to execute arbitrary PHP code via a URL in the root_path parameter. NOTE: It was later reported that 1.4.2 and previous versions are affected.
Circle R Monster Top List
2 EDB exploits
8.8
CVSSv3
CVE-2018-2436
Executing transaction WRCK in SAP R/3 Enterprise Retail (EHP6) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
Sap R\\/3 Enterprise Retail -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »