Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bypass vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0462
Multiple SQL injection vulnerabilities in customer_login_check.asp in ClickTech ClickCart 6.0 allow remote malicious users to execute arbitrary SQL commands via (1) the txtEmail parameter (aka E-MAIL field) or (2) the txtPassword parameter (aka password field) to customer_login.a...
Clicktech Clickcart 6.0
1 EDB exploit
NA
CVE-2002-0613
dnstools.php for DNSTools 2.0 beta 4 and previous versions allows remote malicious users to bypass authentication and gain privileges by setting the user_logged_in or user_dnstools_administrator parameters.
Dnstools Software Dnstools 2.0 Beta3
Dnstools Software Dnstools 2.0 Beta4
1 EDB exploit
NA
CVE-2007-2822
TutorialCMS 1.01 and previous versions, when register_globals is enabled, allows remote malicious users to bypass authentication via the (1) loggedIn and (2) activated parameters to (a) login.php, (b) headerLinks.php, (c) submit1.php, (d) myFav.php, and (e) userCP.php.
Wavelink Media Tutorialcms
1 EDB exploit
8.8
CVSSv3
CVE-2018-19754
Tarantella Enterprise prior to 3.11 allows bypassing Access Control.
Oracle Tarantella Enterprise
9.8
CVSSv3
CVE-2022-22831
An issue exists in Servisnet Tessa 0.0.2. An attacker can add a new sysadmin user via a manipulation of the Authorization HTTP header.
Servisnet Tessa 0.0.2
NA
CVE-2009-2236
SQL injection vulnerability in yad-admin/login.php in Your Article Directory allows remote malicious users to execute arbitrary SQL commands via the txtAdminEmail parameter. NOTE: some of these details are obtained from third party information.
Yourarticlesdirectory Your Articles Directory
1 EDB exploit
NA
CVE-2008-5631
SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows remote malicious users to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or the (2) password parameter. NOTE: some of these details are obtained from third party informatio...
Activewebsoftwares Active Ewebquiz 8.0
1 EDB exploit
NA
CVE-2014-8423
Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote malicious users to execute arbitrary commands via unknown vectors.
Arris Vap2500 Firmware
1 EDB exploit
NA
CVE-2014-8425
The management portal in ARRIS VAP2500 before FW08.41 allows remote malicious users to obtain credentials by reading the configuration files.
Arris Vap2500 Firmware
1 EDB exploit
9.8
CVSSv3
CVE-2014-9611
Netsweeper prior to 4.0.5 allows remote malicious users to bypass authentication and create arbitrary accounts and policies via a request to webadmin/nslam/index.php.
Netsweeper Netsweeper
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »