Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
Recent vulnerabilities and exploits
4.8
CVSSv3
CVE-2024-26156
All versions of ETIC Telecom Remote Access Server (RAS) before 4.5.0 are vulnerable to reflected cross site scripting (XSS) attacks in the method parameter. The ETIC RAS web server uses dynamic pages that gets their input from the client side and reflects the input in its resp...
4.8
CVSSv3
CVE-2024-26154
All versions of ETIC Telecom Remote Access Server (RAS) before 4.5.0 are vulnerable to reflected cross site scripting in the appliance site name. The ETIC RAS web server saves the site name and then presents it to the administrators in a few different pages.
6.8
CVSSv3
CVE-2024-26155
All versions of ETIC Telecom Remote Access Server (RAS) before 4.5.0 expose clear text credentials in the web portal. An attacker can access the ETIC RAS web portal and view the HTML code, which is configured to be hidden, thus allowing a connection to the ETIC RAS ssh server,...
6.1
CVSSv3
CVE-2024-26157
All versions of ETIC Telecom Remote Access Server (RAS) before 4.5.0 are vulnerable to reflected cross site scripting (XSS) attacks in get view method under view parameter. The ETIC RAS web server uses dynamic pages that get their input from the client side and reflect the inp...
4.3
CVSSv3
CVE-2024-45832
Hard-coded credentials were included as part of the application binary. These credentials served as part of the application authentication flow and communication with the mobile application. An attacker could access unauthorized information.
7.4
CVSSv3
CVE-2024-26153
All versions of ETIC Telecom Remote Access Server (RAS) before 4.9.19 are vulnerable to cross-site request forgery (CSRF). An external attacker with no access to the device can force the end user into submitting a "setconf" method request, not requiring any CSRF toke...
6.3
CVSSv3
CVE-2025-0531
A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some unknown processing of the file /user/leaveroom.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has bee...
3.5
CVSSv3
CVE-2025-0530
A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic. This vulnerability affects unknown code of the file /_parse/_feedback_system.php. The manipulation of the argument type leads to cross site scripting. The attack can be initiated re...
NA
CVE-2024-50967
The /rest/rights/ REST API endpoint in Becon DATAGerry up to and including 2.2.0 contains an Incorrect Access Control vulnerability. An attacker can remotely access this endpoint without authentication, leading to unauthorized disclosure of sensitive information.
1 Github repository
7.2
CVSSv3
CVE-2025-0528
A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads to command injection. The attac...
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2024-55591
CVE-2024-13184
unauthorized
information disclosure
CVE-2024-13385
CVE-2024-43468
denial of service
CVE-2024-57370
CVE-2025-21606
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »