Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
han sahin vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2016-7168
Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress prior to 4.6.1 might allow remote malicious users to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a c...
Wordpress Wordpress
11 Github repositories
NA
CVE-2015-0513
Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in EMC M&R (aka Watch4Net) prior to 6.5u1 and ViPR SRM prior to 3.6.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging privileged access to set crafte...
Emc Watch4net
Emc Vipr Srm
NA
CVE-2015-0514
EMC M&R (aka Watch4Net) prior to 6.5u1 and ViPR SRM prior to 3.6.1 might allow remote malicious users to obtain cleartext data-center discovery credentials by leveraging certain SRM access to conduct a decryption attack.
Emc Watch4net
Emc Vipr Srm
1 EDB exploit
NA
CVE-2015-0516
Directory traversal vulnerability in EMC M&R (aka Watch4Net) prior to 6.5u1 and ViPR SRM prior to 3.6.1 allows remote authenticated users to read arbitrary files via a crafted URL.
Emc Vipr Srm
Emc Watch4net
1 EDB exploit
NA
CVE-2015-6911
SQL injection vulnerability in Synology Video Station prior to 1.5-0763 allows remote malicious users to execute arbitrary SQL commands via the id parameter to watchstatus.cgi.
Synology Video Station
1 EDB exploit
NA
CVE-2015-6912
Synology Video Station prior to 1.5-0763 allows remote malicious users to execute arbitrary shell commands via shell metacharacters in the subtitle_codepage parameter to subtitle.cgi.
Synology Video Station
1 EDB exploit
NA
CVE-2015-2682
Citrix Command Center prior to 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote malicious users to obtain credentials via a direct request to conf/securitydbData.xml.
Citrix Command Center 5.2
Citrix Command Center 5.1
1 EDB exploit
NA
CVE-2015-2746
The network diagnostics tool (CommandLineServlet) in the Appliance Manager command line utility (CLU) in Websense TRITON 7.8.3 and V-Series appliances prior to 7.8.4 Hotfix 02 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the "se...
Websense V-series Appliances
Websense Triton 7.8.3
1 EDB exploit
NA
CVE-2015-0524
SQL injection vulnerability in the Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Emc Secure Remote Services 3.02
Emc Secure Remote Services 3.03
NA
CVE-2015-0525
The Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote malicious users to execute arbitrary OS commands via unspecified vectors.
Emc Secure Remote Services 3.02
Emc Secure Remote Services 3.03
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »
Vulmon