Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
next next vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-30804
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authenticated file disclosure vulnerability. A remote and authenticated attacker can read arbitrary system files using the svpn_html/loadfile.php endpoint. This issue is exploitable by a remote and u...
Sangfor Next-gen Application Firewall 8.0.17
NA
CVE-2023-30805
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP POST request to the /LogInOut.php endpoint. This is du...
Sangfor Next-gen Application Firewall 8.0.17
NA
CVE-2023-30806
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP POST request to the /cgi-bin/login.cgi endpoint. This ...
Sangfor Next-gen Application Firewall Ngaf8.0.17
3.5
CVSSv2
CVE-2016-5955
Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Generation 6.0.2 before iFix004 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Rational Doors Next Generation 6.0.2
7.5
CVSSv2
CVE-2007-4208
SQL injection vulnerability in default.asp in Next Gen Portfolio Manager allows remote malicious users to execute arbitrary SQL commands via the (1) Users_Email or (2) Users_Password parameter in an ExecuteTheLogin action.
Morgan Ids Next Gen Portfolio Manager
1 EDB exploit
3.5
CVSSv2
CVE-2021-31583
Sipwise C5 NGCP WWW Admin version 3.6.7 up to and including platform version NGCP CE 3.0 has multiple authenticated stored and reflected XSS vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user: St...
Sipwise Next Generation Communication Platform 3.6.7
7.5
CVSSv2
CVE-2012-2105
Multiple SQL injection vulnerabilities in login.php in Timesheet Next Gen 1.5.2 allow remote malicious users to execute arbitrary SQL commands via the (1) username or (2) password parameters.
Peter Kovacs Timesheet Next Gen 1.5.2
1 EDB exploit
6.8
CVSSv2
CVE-2021-31584
Sipwise C5 NGCP www_csc version 3.6.4 up to and including platform NGCP CE mr3.8.13 allows call/click2dial CSRF attacks for actions with administrative privileges.
Sipwise Next Generation Communication Platform 3.6.4
5.6
CVSSv2
CVE-2018-12158
Insufficient input validation in BIOS update utility in Intel NUC FW kits downloaded before May 24, 2018 may allow a privileged user to potentially trigger a denial of service or information disclosure via local access.
Intel Next Unit Of Computing Firmware
3.5
CVSSv2
CVE-2018-1507
IBM DOORS Next Generation (DNG/RRC) 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X...
Ibm Rational Doors Next Generation 6.0.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »