Recent vulnerabilities and exploits

D-Link DIR-853 A1 FW1.20B07 exists to contain a command injection vulnerability in the SetVirtualServerSettings module.

D-Link DIR-853 A1 FW1.20B07 exists to contain a stack-based buffer overflow vulnerability via the Password parameter in the SetQuickVPNSettings module.

D-Link DIR-853 A1 FW1.20B07 exists to contain a stack-based buffer overflow vulnerability via the Password parameter in the SetWanSettings module.

Cross Site Scripting vulnerability in DigitalDruid HotelDruid v.3.0.7 allows an malicious user to execute arbitrary code and obtain sensitive information via the ripristina_backup parameter in the crea_backup.php endpoint

A CSRF vulnerability in the gestione_utenti.php endpoint of HotelDruid 3.0.7 allows malicious users to perform unauthorized actions (e.g., modifying user passwords) on behalf of authenticated users by exploiting the lack of origin or referrer validation and the absence of CSRF to...

An issue in HotelDruid version 3.0.7 and previous versions allows users to set weak passwords due to the lack of enforcement of password strength policies.

An issue in the component admin_template.php of SUCMS v1.0 allows malicious users to execute a directory traversal and arbitrary file deletion via a crafted GET request.

A Server-Side Request Forgery (SSRF) in the component admin_webgather.php of SUCMS v1.0 allows malicious users to access internal data and services via a crafted GET request.

HkCms v2.3.2.240702 exists to contain an arbitrary file write vulnerability in the component Appcenter.php.

crmeb CRMEB-KY v5.4.0 and before has a SQL Injection vulnerability at getRead() in /system/SystemDatabackupServices.php

« PREV 1 2 3 4 5 6 7 8 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook