Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
valentin lobstein vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2024-22899
Vinchin Backup & Recovery v7.2 exists to contain an authenticated remote code execution (RCE) vulnerability via the syncNtpTime function.
Vinchin Vinchin Backup And Recovery
1 Github repository
9.8
CVSSv3
CVE-2022-35866
This vulnerability allows remote malicious users to bypass authentication on affected installations of Vinchin Backup and Recovery 6.5.0.17561. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the MySQL server. The...
Vinchin Vinchin Backup And Recovery 6.5.0.17561
NA
CVE-2024-30920
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote malicious user to execute arbitrary code via the render-document.php component.
NA
CVE-2024-30921
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote malicious user to execute arbitrary code via the photo.php component.
NA
CVE-2024-30922
SQL Injection vulnerability in DerbyNet v9.0 allows a remote malicious user to execute arbitrary code via the where Clause in Award Document Rendering.
NA
CVE-2024-30923
SQL Injection vulnerability in DerbyNet v9.0 and below allows a remote malicious user to execute arbitrary code via the where Clause in Racer Document Rendering
NA
CVE-2024-30924
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows malicious users to execute arbitrary code via the checkin.php component.
NA
CVE-2024-30925
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows malicious users to execute arbitrary code via the photo-thumbs.php component.
NA
CVE-2024-30926
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows malicious users to execute arbitrary code via the ./inc/kiosks.inc component.
NA
CVE-2024-30927
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows malicious users to execute arbitrary code via the racer-results.php component.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »