Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secpod research vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4720
Hillstone HS TFTP Server 1.3.2 allows remote malicious users to cause a denial of service (daemon crash) via a long filename in a (1) RRQ or (2) WRQ operation.
Hillstone Software Hs Tftp Server 1.3.2
1 EDB exploit
NA
CVE-2012-1005
Multiple cross-site scripting (XSS) vulnerabilities in Sphinx Software Mobile Web Server 3.1.2.47 allow remote malicious users to inject arbitrary web script or HTML via the comment parameter to a blog, as demonstrated using (1) Blog/MyFirstBlog.txt or (2) Blog/AboutSomething.txt...
Sphinx-soft Mobile Web Server 3.1.2.47
1 EDB exploit
NA
CVE-2012-1006
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) name or (2) lastName parameter to struts2-showcase/person/editPerson.action, or the (3) clientName parameter to st...
Apache Struts 2.0.14
Apache Struts 2.2.3
1 EDB exploit
NA
CVE-2012-1007
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote malicious users to inject arbitrary web script or HTML via (1) the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to (2) struts-cookbook/processSimple.do ...
Apache Struts 1.3.10
1 EDB exploit
NA
CVE-2012-1008
OfficeSIP Server 3.1 allows remote malicious users to cause a denial of service (daemon crash) via a crafted To header in a SIP INVITE message.
Officesip Officesip Server 3.1
1 EDB exploit
NA
CVE-2012-1009
NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build 0186 allow remote malicious users to cause a denial of service (daemon crash) via a malformed LPD request.
Netsarang Xlpd 4
Netsarang Xmanager Enterprise 4
1 EDB exploit
NA
CVE-2013-2299
Cross-site scripting (XSS) vulnerability in Advantech WebAccess (formerly BroadWin WebAccess) prior to 7.1 2013.05.30 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Advantech Advantech Webaccess 5.0
Advantech Advantech Webaccess
Advantech Advantech Webaccess 6.0
1 EDB exploit
NA
CVE-2012-1464
Dashboard Server for NetMechanica NetDecision prior to 4.6.1 allows remote malicious users to obtain the installation path via a request with a trailing "?" character, which causes Dashboard to attempt to access a non-existent resource. NOTE: some of these details are o...
Netmechanica Netdecision
1 EDB exploit
NA
CVE-2012-1466
The Traffic Grapher Server for NetMechanica NetDecision prior to 4.6.1 allows remote malicious users to obtain the source code of NtDecision script files with a .nd extension via an invalid version number in an HTTP request, as demonstrated using default.nd. NOTE: some of these d...
Netmechanica Netdecision
1 EDB exploit
NA
CVE-2011-4722
Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote malicious users to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.
Ipswitch Tftp Server 1.0.0.24
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »