Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
super vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-3811
Directory traversal vulnerability in admin/main.php in AMAX Magic Winmail Server 4.2 (build 0824) and previous versions allows remote malicious users to overwrite arbitrary files with session information via the sid parameter.
Amax Information Technologies Magic Winmail Server
1 EDB exploit
NA
CVE-2015-1118
libnetcore in Apple iOS prior to 8.3, Apple OS X prior to 10.10.3, and Apple TV prior to 7.2 allows malicious users to cause a denial of service (memory corruption and application crash) via a crafted configuration profile.
Apple Tvos
Apple Mac Os X
Apple Iphone Os
1 Article
8.8
CVSSv3
CVE-2019-10847
Computrols CBAS 18.0.0 allows Cross-Site Request Forgery.
Computrols Computrols Building Automation Software
1 EDB exploit
5.3
CVSSv3
CVE-2022-20937
A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote malicious user to negatively affect the performance of an affected device. This vulnerability is due to insufficient management of sy...
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine
NA
CVE-2007-3060
Multiple cross-site scripting (XSS) vulnerabilities in PHP Live! 3.2.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) sid parameter to (a) chat.php, (2) LANG[DEFAULT_BRANDING] and (3) PHPLIVE_VERSION parameters to (b) help.php, the (4) admin[name]...
Osi Codes Inc. Phplive 3.2.2
5 EDB exploits
NA
CVE-2008-3868
Cross-site request forgery (CSRF) vulnerability in Interact 2.4.1 allows remote malicious users to hijack the authentication of super administrators for requests that create super administrator accounts.
Cce-interact Interact 2.4.1
6.7
CVSSv3
CVE-2023-27576
An issue exists in phpList prior to 3.6.14. Due to an access error, it was possible to manipulate and edit data of the system's super admin, allowing one to perform an account takeover of the user with super-admin permission. Specifically, for a request with updatepassword=1...
Phplist Phplist 3.6.12
8.8
CVSSv3
CVE-2018-16795
OpenEMR 5.0.1.3 allows Cross-Site Request Forgery (CSRF) via library/ajax and interface/super, as demonstrated by use of interface/super/manage_site_files.php to upload a .php file.
Open-emr Openemr 5.0.1.3
NA
CVE-2024-27968
Cross-Site Request Forgery (CSRF) vulnerability in Optimole Super Page Cache for Cloudflare allows Stored XSS.This issue affects Super Page Cache for Cloudflare: from n/a up to and including 4.7.5.
5.5
CVSSv3
CVE-2019-12477
Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local malicious user to broadcast fake video without any authentication via a /remote/media_control?action=setUri&uri= URI.
Supra Stv-lc40lt0020f Firmware -
1 EDB exploit
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »