Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dan crowley vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0945
Cross-site scripting (XSS) vulnerability in ACS Blog 1.1.1 allows remote malicious users to inject arbitrary web script or HTML via onmouseover or onload events in (1) img, (2) link, or (3) mail tags.
Asp Press Acs Blog 1.1.1
1 EDB exploit
NA
CVE-2013-4860
Radio Thermostat CT80 And CT50 with firmware 1.4.64 and previous versions does not restrict access to the API, which allows remote malicious users to change the operation mode, wifi connection settings, temperature thresholds, and other settings via unspecified vectors.
Radiothermostat Ct50 Firmware
Radiothermostat Ct50 -
Radiothermostat Ct80 Firmware
Radiothermostat Ct80 -
NA
CVE-2013-4866
The LIXIL Corporation My SATIS Genius Toilet application for Android has a hardcoded Bluetooth PIN, which allows physically proximate malicious users to trigger physical resource consumption (water or heat) or user discomfort.
Lixil My Satis Genius Toilet -
6.5
CVSSv3
CVE-2013-4861
Directory traversal vulnerability in cgi-bin/cmh/get_file.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote authenticated users to read arbirary files via a .. (dot dot) in the filename parameter.
Micasaverde Veralite Firmware 1.5.408
1 EDB exploit
8.1
CVSSv3
CVE-2013-4862
MiCasaVerde VeraLite with firmware 1.5.408 does not properly restrict access, which allows remote authenticated users to (1) update the firmware via the squashfs parameter to upgrade_step2.sh or (2) obtain hashed passwords via the cgi-bin/cmh/backup.sh page.
Micasaverde Veralite Firmware 1.5.408
1 EDB exploit
9.8
CVSSv3
CVE-2013-4864
MiCasaVerde VeraLite with firmware 1.5.408 allows remote malicious users to send HTTP requests to intranet servers via the url parameter to cgi-bin/cmh/proxy.sh, related to a Server-Side Request Forgery (SSRF) issue.
Micasaverde Veralite Firmware 1.5.408
1 EDB exploit
6.5
CVSSv3
CVE-2013-4865
Cross-site request forgery (CSRF) vulnerability in upgrade_step2.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote malicious users to hijack the authentication of users for requests that install arbitrary firmware via the squashfs parameter.
Micasaverde Veralite Firmware 1.5.408
1 EDB exploit
6.3
CVSSv3
CVE-2013-4867
Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking
Ea Karotz Smart Rabbit Firmware 12.07.19.00
1 EDB exploit
5.3
CVSSv3
CVE-2013-4868
Karotz API 12.07.19.00: Session Token Information Disclosure
Karotz Api 12.07.19.00
1 EDB exploit
8.8
CVSSv3
CVE-2013-4863
The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows (1) remote malicious users to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 49451 or (2) remote authenticated users to execute arbitrary Lua code via a...
Micasaverde Veralite Firmware 1.5.408
2 EDB exploits
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started