Vulmon
Recent Vulnerabilities
Discussions
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
Recent vulnerabilities and exploits
NA
CVE-2013-2612
Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error in the Web UI....
NA
CVE-2020-8090
The Username field in the Storage Service settings of A1 WLAN Box ADB VV2220v2 devices allows stored XSS (after a successful Administrator login)....
NA
CVE-2020-8091
svg.swf in TYPO3 6.2.0 to 6.2.38 ELTS and 7.0.0 to 7.1.0 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system. This may be at a contrib/websvg/svg.swf pathname....
NA
CVE-2013-2267
PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system....
1 EDB exploit available
NA
CVE-2013-2474
Directory traversal vulnerability in AWS XMS 2.5 allows remote attackers to view arbitrary files via the 'what' parameter....
1 EDB exploit available
NA
CVE-2013-2499
SimpleHRM 2.3 and earlier could allow remote attackers to bypass the authentication process in 'user_manager.php' via spoofing a cookie....
NA
CVE-2012-6448
Cross-site Scripting (XSS) in cPanel WebHost Manager (WHM) 11.34.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors....
1 EDB exploit available
7.5
CVSSv2
CVE-2019-16278
Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request....
Nazgul
Nostromo Nhttpd
1 EDB exploit available
1 Metasploit module available
13 Github repositories available
NA
CVE-2020-5218
Affected versions of Sylius give attackers the ability to switch channels via the _channel_code GET parameter in production environments. This was meant to be enabled only when kernel.debug is set to true. However, if no sylius_channel.debug is set explicitly in the...
NA
CVE-2020-5220
Sylius ResourceBundle accepts and uses any serialisation groups to be passed via a HTTP header. This might lead to data exposure by using an unintended serialisation group - for example it could make Shop API use a more permissive group from Admin API. Anyone exposing an API...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2019-16018
CVE-2020-0674
CVE-2020-3136
CVE-2013-4462
CVE-2020-0610
denial of service
TCP
CVE-2019-20429
spoof
« PREV
1
2
3
4
5
6
7
8
9
10
11
NEXT »
Vulmon