Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2019-5618
A-PDF WAV to MP3 version 1.0.0 suffers from an instance of CWE-121: Stack-based Buffer Overflow.
A-pdf Wav To Mp3 1.0.0
10
CVSSv2
CVE-2015-2885
Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for the backdoor user account, and a password of guest for the backdoor guest account.
Lens Laboratories Peek-a-view Firmware -
5
CVSSv2
CVE-2022-26675
aEnrich a+HRD has inadequate filtering for special characters in URLs. An unauthenticated remote attacker can bypass authentication and perform path traversal attacks to access arbitrary files under website root directory.
Aenrich A\\+hrd 6.8
7.5
CVSSv2
CVE-2022-26676
aEnrich a+HRD has inadequate privilege restrictions, an unauthenticated remote attacker can use the API function to upload and execute malicious scripts to control the system or disrupt service.
Aenrich A\\+hrd 6.8
5
CVSSv2
CVE-2006-2948
A-CART 2.0 stores the acart2_0.mdb file under the web document root with insufficient access control, which allows remote malicious users to obtain username and password information.
Alan Ward A-cart
3.5
CVSSv2
CVE-2021-24420
The Request a Quote WordPress plugin prior to 2.3.4 did not sanitise and escape some of its quote fields when adding/editing a quote as admin, leading to Stored Cross-Site scripting issues when the quote is output in the 'All Quotes" table.
Emarketdesign Request A Quote
5
CVSSv2
CVE-2018-19440
ARM Trusted Firmware-A allows information disclosure.
Arm Trusted Firmware-a
6.4
CVSSv2
CVE-2016-1178
The session management of the comment functionality in appleple a-blog cms 2.6.0.1 and previous versions allows remote malicious users to obtain or modify sensitive data via unspecified vectors.
Appleple A-blog Cms
4.6
CVSSv2
CVE-2001-0370
fcheck before 2.57.59 calls the file signature checking program insecurely, which can allow a local user to run arbitrary commands via a file name that contains shell metacharacters.
Michael A. Gumienny Fcheck
4.3
CVSSv2
CVE-2016-1179
Cross-site scripting (XSS) vulnerability in the standard template of the comment functionality in appleple a-blog cms 2.6.0.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML.
Appleple A-blog Cms
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »