Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
validation vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2007-3909
Multiple SQL injection vulnerabilities in Bandersnatch 0.4 allow remote malicious users to execute arbitrary SQL commands via the (1) date and (2) limit parameters to index.php, and other unspecified vectors.
Bandersnatch Bandersnatch 0.4
1 EDB exploit
NA
CVE-2022-27644
This vulnerability allows network-adjacent malicious users to compromise the integrity of downloaded information on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...
Netgear R6400 Firmware
Netgear R6700 Firmware
Netgear R6900p Firmware
Netgear R7000 Firmware
Netgear R7000p Firmware
Netgear R7850 Firmware
Netgear R7960p Firmware
Netgear R8000 Firmware
Netgear R8000p Firmware
Netgear Rax200 Firmware
Netgear Rax75 Firmware
Netgear Rax80 Firmware
Netgear Rs400 Firmware
Netgear Cbr40 Firmware
Netgear Lbr1020 Firmware
Netgear Lbr20 Firmware
Netgear Rbr10 Firmware
Netgear Rbr20 Firmware
Netgear Rbr40 Firmware
Netgear Rbr50 Firmware
Netgear Rbs10 Firmware
Netgear Rbs20 Firmware
NA
CVE-2021-465592
Moxa TN-5900 versions 3.1.0 and below use an insecure method to validate firmware updates. A malicious user with access to the management interface can upload arbitrary code in a crafted
NA
CVE-2023-3187
A vulnerability, which was classified as critical, has been found in PHPGurukul Teachers Record Management System 1.0. Affected by this issue is some unknown functionality of the file /changeimage.php of the component Profile Picture Handler. The manipulation of the argument newp...
Teachers Record Management System Project Teachers Record Management System 1.0
NA
CVE-2022-20860
A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote malicious user to alter communications with associated controllers or view sensitive information. This vulnerability exists because SSL server certificates are not valida...
Cisco Nexus Dashboard
516
VMScore
CVE-2020-3155
A vulnerability in the SSL implementation of the Cisco Intelligent Proximity solution could allow an unauthenticated, remote malicious user to view or alter information shared on Cisco Webex video devices and Cisco collaboration endpoints if the products meet the conditions descr...
Cisco Intelligence Proximity
Cisco Jabber
Cisco Meeting
Cisco Webex Meetings
Cisco Webex Teams
Cisco Telepresence Codec C40 Firmware -
Cisco Telepresence Codec C60 Firmware -
Cisco Telepresence Codec C90 Firmware -
516
VMScore
CVE-2018-0434
A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote malicious user to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation...
Cisco Vedge 100 Firmware
Cisco Vedge 1000 Firmware
Cisco Vedge 2000 Firmware
Cisco Vedge 5000 Firmware
Cisco Vmanage Network Management System -
1000
VMScore
CVE-2003-1245
index2.php in Mambo 4.0.12 allows remote malicious users to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie.
1 EDB exploit
312
VMScore
CVE-2011-1401
ikiwiki prior to 3.20110328 does not ascertain whether the htmlscrubber plugin is enabled during processing of the "meta stylesheet" directive, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS)...
Ikiwiki Ikiwiki 2.19
Ikiwiki Ikiwiki 2.18
Ikiwiki Ikiwiki 3.1415
Ikiwiki Ikiwiki 3.10
Ikiwiki Ikiwiki 3.11
Ikiwiki Ikiwiki 3.12
Ikiwiki Ikiwiki 2.60
Ikiwiki Ikiwiki 2.64
Ikiwiki Ikiwiki 2.65
Ikiwiki Ikiwiki 2.62.1
Ikiwiki Ikiwiki 3.02
Ikiwiki Ikiwiki 3.01
Ikiwiki Ikiwiki 3.09
Ikiwiki Ikiwiki 3.08
Ikiwiki Ikiwiki 2.31.3
Ikiwiki Ikiwiki 2.43
Ikiwiki Ikiwiki 2.42
Ikiwiki Ikiwiki 2.44
Ikiwiki Ikiwiki 2.48
Ikiwiki Ikiwiki 2.49
Ikiwiki Ikiwiki 2.54
Ikiwiki Ikiwiki 2.55
435
VMScore
CVE-2004-2725
Multiple cross-site scripting (XSS) vulnerabilities in Aztek Forum 4.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the search parameter in (a) search.php, (2) the email parameter in (b) subscribe.php, and (3) the return and (4) title parameters in ...
Aztek Forum Aztek Forum 4.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »