Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
next vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2016-5955
Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Generation 6.0.2 before iFix004 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Rational Doors Next Generation 6.0.2
5.6
CVSSv2
CVE-2018-12158
Insufficient input validation in BIOS update utility in Intel NUC FW kits downloaded before May 24, 2018 may allow a privileged user to potentially trigger a denial of service or information disclosure via local access.
Intel Next Unit Of Computing Firmware
NA
CVE-2023-30804
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authenticated file disclosure vulnerability. A remote and authenticated attacker can read arbitrary system files using the svpn_html/loadfile.php endpoint. This issue is exploitable by a remote and u...
Sangfor Next-gen Application Firewall 8.0.17
NA
CVE-2023-30805
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP POST request to the /LogInOut.php endpoint. This is du...
Sangfor Next-gen Application Firewall 8.0.17
NA
CVE-2023-30803
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can bypass authentication and access administrative functionality by sending HTTP requests using a crafted Y-forwarded-for h...
Sangfor Next-gen Application Firewall 8.0.17
NA
CVE-2023-30806
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP POST request to the /cgi-bin/login.cgi endpoint. This ...
Sangfor Next-gen Application Firewall Ngaf8.0.17
7.5
CVSSv2
CVE-2012-2105
Multiple SQL injection vulnerabilities in login.php in Timesheet Next Gen 1.5.2 allow remote malicious users to execute arbitrary SQL commands via the (1) username or (2) password parameters.
Peter Kovacs Timesheet Next Gen 1.5.2
1 EDB exploit
NA
CVE-2023-30802
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code disclosure vulnerability. A remote and unauthenticated attacker can obtain PHP source code by sending an HTTP request with an invalid Content-Length field.
Sangfor Next-gen Application Firewall 8.0.17
NA
CVE-2023-39422
The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticates requests using HMAC tokens. These tokens are however exposed in a JavaScript file loaded on the client side, thus rendering this extra safety mechanism useless.
Resortdata Internet Reservation Module Next Generation -
7.5
CVSSv2
CVE-2007-4208
SQL injection vulnerability in default.asp in Next Gen Portfolio Manager allows remote malicious users to execute arbitrary SQL commands via the (1) Users_Email or (2) Users_Password parameter in an ExecuteTheLogin action.
Morgan Ids Next Gen Portfolio Manager
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »