Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
validation vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-22955
An issue exists on AudioCodes VoIP desk phones up to and including 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher ...
Audiocodes C470hd Firmware
Audiocodes C455hd Firmware
Audiocodes C435hd Firmware
Audiocodes 445hd Firmware
Audiocodes 405hd Firmware
Audiocodes C450hd Firmware
NA
CVE-2003-0255
The key validation code in GnuPG prior to 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path.
Gnu Privacy Guard
NA
CVE-2005-2161
Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows remote malicious users to inject arbitrary web script or HTML via nested [url] tags.
Phpbb Group Phpbb 2.0.16
NA
CVE-2004-2725
Multiple cross-site scripting (XSS) vulnerabilities in Aztek Forum 4.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the search parameter in (a) search.php, (2) the email parameter in (b) subscribe.php, and (3) the return and (4) title parameters in ...
Aztek Forum Aztek Forum 4.0
1 EDB exploit
NA
CVE-2000-0177
DNSTools CGI applications allow remote malicious users to execute arbitrary commands via shell metacharacters.
Dnstools Software Dnstools
1 EDB exploit
NA
CVE-2007-5181
SQL injection vulnerability in detay.asp in Netkamp Emlak Scripti allows remote malicious users to execute arbitrary SQL commands via the ilan_id parameter.
Netkamp Netkamp Emlak Scripti
1 EDB exploit
NA
CVE-2005-4378
SQL injection vulnerability in Page.asp in Baseline CMS 1.95 and previous versions allows remote malicious users to execute arbitrary SQL commands via the SiteNodeID parameter.
Nma Baseline Cms
1 EDB exploit
NA
CVE-2009-1561
Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote malicious users to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPassw...
Cisco Wrt54gc 1.05.7
1 EDB exploit
NA
CVE-2003-1245
index2.php in Mambo 4.0.12 allows remote malicious users to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie.
1 EDB exploit
NA
CVE-2012-4076
Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in a command that calls the system library function, aka Bug IDs CSCtf23559 and CSCtf27780.
Cisco Nx-os -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »