Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stephen shkardoon vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-20218
An issue exists on Teracue ENC-400 devices with firmware 2.56 and below. The login form passes user input directly to a shell command without any kind of escaping or validation in /usr/share/www/check.lp file. An attacker is able to perform command injection using the "passw...
Teracue Enc-400 Hdmi Firmware
Teracue Enc-400 Hdmi2 Firmware
Teracue Enc-400 Hdsdi Firmware
1 EDB exploit
8.1
CVSSv3
CVE-2018-20219
An issue exists on Teracue ENC-400 devices with firmware 2.56 and below. After successful authentication, the device sends an authentication cookie to the end user such that they can access the devices web administration panel. This token is hard-coded to a string in the source c...
Teracue Enc-400 Hdmi Firmware
Teracue Enc-400 Hdmi2 Firmware
Teracue Enc-400 Hdsdi Firmware
1 EDB exploit
7.5
CVSSv3
CVE-2018-20220
An issue exists on Teracue ENC-400 devices with firmware 2.56 and below. While the web interface requires authentication before it can be interacted with, a large portion of the HTTP endpoints are missing authentication. An attacker is able to view these pages before being authen...
Teracue Enc-400 Hdmi Firmware
Teracue Enc-400 Hdmi2 Firmware
Teracue Enc-400 Hdsdi Firmware
1 EDB exploit
9.8
CVSSv3
CVE-2018-10575
An issue exists on WatchGuard AP100, AP102, and AP200 devices with firmware prior to 1.2.9.15. Hardcoded credentials exist for an unprivileged SSH account with a shell of /bin/false.
Watchguard Ap200 Firmware
Watchguard Ap102 Firmware
Watchguard Ap100 Firmware
1 EDB exploit
7.8
CVSSv3
CVE-2018-10576
An issue exists on WatchGuard AP100, AP102, and AP200 devices with firmware prior to 1.2.9.15. Improper authentication handling by the native Access Point web UI allows authentication using a local system account (instead of the dedicated web-only user).
Watchguard Ap200 Firmware
Watchguard Ap102 Firmware
Watchguard Ap100 Firmware
1 EDB exploit
8.8
CVSSv3
CVE-2018-10577
An issue exists on WatchGuard AP100, AP102, and AP200 devices with firmware prior to 1.2.9.15, and AP300 devices with firmware prior to 2.0.0.10. File upload functionality allows any users authenticated on the web interface to upload files containing code to the web root, allowin...
Watchguard Ap200 Firmware
Watchguard Ap102 Firmware
Watchguard Ap100 Firmware
Watchguard Ap300 Firmware
1 EDB exploit
9.1
CVSSv3
CVE-2019-19374
An issue exists in core/assets/form/form_question_types/form_question_type_file_upload/form_question_type_file_upload.inc in Squiz Matrix CMS 5.5.0 before 5.5.0.3, 5.5.1 before 5.5.1.8, 5.5.2 before 5.5.2.4, and 5.5.3 before 5.5.3.3 where a user can delete arbitrary files from th...
Squiz Matrix
9.8
CVSSv3
CVE-2018-10578
An issue exists on WatchGuard AP100, AP102, and AP200 devices with firmware prior to 1.2.9.15, and AP300 devices with firmware prior to 2.0.0.10. Incorrect validation of the "old password" field in the change password form allows an malicious user to bypass validation o...
Watchguard Ap200 Firmware
Watchguard Ap102 Firmware
Watchguard Ap100 Firmware
Watchguard Ap300 Firmware
7.5
CVSSv3
CVE-2019-19373
An issue exists in Squiz Matrix CMS 5.5.0 before 5.5.0.3, 5.5.1 before 5.5.1.8, 5.5.2 before 5.5.2.4, and 5.5.3 before 5.5.3.3 where a user can trigger arbitrary unserialization of a PHP object from a packages/cms/page_templates/page_remote_content/page_remote_content.inc POST pa...
Squiz Matrix
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started