Vulmon
web server vulnerabilities and exploits
10
CVSSv2
CVE-2017-1000235
I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php, resulting in the web server being fully compromised.
I-librarian I Librarian
I-librarian I Librarian 4.7
10
CVSSv2
CVE-2017-12337
A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote malicious user to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a ...
Cisco Finesse -
Cisco Hosted Collaboration Solution -
Cisco Emergency Responder -
Cisco Unity Connection -
Cisco Socialminer -
Cisco Mediasense -
Cisco Unified Communications Manager -
Cisco Prime License Manager -
Cisco Unified Communications Manager Im And Presence Service -
Cisco Unified Intelligence Center -
Cisco Unified Contact Center Express -
10
CVSSv2
CVE-2017-12739
An issue exists on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow unauthenticated remote malicious users to execute arbitrary code on t...
Siemens Sm-2556 Firmware Dnpi00
Siemens Sm-2556 Firmware Enos00
Siemens Sm-2556 Firmware Erac00
Siemens Sm-2556 Firmware Eta2
Siemens Sm-2556 Firmware Etls00
Siemens Sm-2556 Firmware Modi00
10
CVSSv2
CVE-2017-13997
A Missing Authentication for Critical Function issue exists in Schneider Electric InduSoft Web Studio v8.0 SP2 or prior, and InTouch Machine Edition v8.0 SP2 or prior. InduSoft Web Studio provides the capability for an HMI client to trigger script execution on the server for the ...
Schneider-electric Wonderware Intouch
Schneider-electric Wonderware Indusoft Web Studio
10
CVSSv2
CVE-2017-12229
A vulnerability in the REST API of the web-based user interface (web UI) of Cisco IOS XE 3.1 up to and including 16.5 could allow an unauthenticated, remote malicious user to bypass authentication to the REST API of the web UI of the affected software. The vulnerability is due to...
Cisco Ios Xe 3.6.5be
Cisco Ios Xe 16.2.1
Cisco Ios Xe 16.1.3
Cisco Ios Xe 16.1.2
Cisco Ios Xe 3.1.3as
Cisco Ios Xe 3.8.0ex
Cisco Ios Xe 3.2.1xo
Cisco Ios Xe 16.5.1c
Cisco Ios Xe 16.1.4
Cisco Ios Xe 3.18.3vs
Cisco Ios Xe 3.2.0ja
Cisco Ios Xe 16.1.1
Cisco Ios Xe 3.4.7asg
Cisco Ios Xe 16.1.3a
Cisco Ios Xe 16.3.1a
Cisco Ios Xe 16.2.2a
Cisco Ios Xe 16.5.1a
10
CVSSv2
CVE-2017-6869
A vulnerability exists in Siemens ViewPort for Web Office Portal before revision number 1453 that could allow an unauthenticated remote user to upload arbitrary code and execute it with the permissions of the operating-system user running the web server by sending specially craft...
Siemens Viewport For Web Office Portal -
10
CVSSv2
CVE-2017-6667
A vulnerability in the update process for the dynamic JAR file of the Cisco Context Service software development kit (SDK) could allow an unauthenticated, remote malicious user to execute arbitrary code on the affected device with the privileges of the web server. More Informatio...
Cisco Context Service Development Kit 2.0
10
CVSSv2
CVE-2017-6640
A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an unauthenticated, remote malicious user to log in to the administrative console of a DCNM server by using an account that has a default, static password. The account could be granted root- or...
Cisco Prime Data Center Network Manager 10.1(1)
Cisco Prime Data Center Network Manager 10.1(2)
Cisco Prime Data Center Network Manager 10.1.0
1 Github repository
10
CVSSv2
CVE-2017-7279
An unprivileged user of the Unitrends Enterprise Backup prior to 9.0.0 web server can escalate to root privileges by modifying the "token" cookie issued at login.
Unitrends Enterprise Backup
10
CVSSv2
CVE-2016-9682
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI (/cgi-bin/diagnostics) component responsible for emailing out inf...
Dell Sonicwall Secure Remote Access Server 8.1.0.2-14sv
1 EDB exploit