Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
administrator privileges vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-15846
Exim prior to 4.92.2 allows remote malicious users to execute arbitrary code as root via a trailing backslash.
Exim Exim
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5 Github repositories
2 Articles
9.8
CVSSv3
CVE-2021-33219
An issue exists in CommScope Ruckus IoT Controller 1.7.1.0 and previous versions. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts.
Commscope Ruckus Iot Controller
NA
CVE-2013-2118
SPIP 3.0.x prior to 3.0.9, 2.1.x prior to 2.1.22, and 2.0.x prior to 2.0.23 allows remote malicious users to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.
Spip Spip 3.0.1
Spip Spip 3.0.2
Spip Spip 3.0.3
Spip Spip 3.0.4
Spip Spip 3.0.0
Spip Spip 3.0.5
Spip Spip 3.0.7
Spip Spip 3.0.6
Spip Spip 3.0.8
Spip Spip 2.1.1
Spip Spip 2.1.2
Spip Spip 2.1.3
Spip Spip 2.1.17
Spip Spip 2.1.18
Spip Spip 2.1.19
Spip Spip 2.1.20
Spip Spip 2.1.9
Spip Spip 2.1.10
Spip Spip 2.1.11
Spip Spip 2.1.12
Spip Spip 2.1.5
Spip Spip 2.1.7
1 EDB exploit
9.8
CVSSv3
CVE-2017-6622
A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote malicious user to bypass authentication and perform command injection with root privileges. The vulnerability is due to missing security constraints in certain H...
Cisco Prime Collaboration Provisioning 9.5.0
Cisco Prime Collaboration Provisioning 9.0.0
Cisco Prime Collaboration Provisioning 11.1.0
Cisco Prime Collaboration Provisioning 10.5.1
Cisco Prime Collaboration Provisioning 10.5.0
Cisco Prime Collaboration Provisioning 10.6.2
Cisco Prime Collaboration Provisioning 11.0.0
Cisco Prime Collaboration Provisioning 10.6.0
Cisco Prime Collaboration Provisioning 11.5.0
Cisco Prime Collaboration Provisioning 10.0.0
1 EDB exploit
8.6
CVSSv3
CVE-2022-20683
A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. This ...
Cisco Ios Xe 16.8.1
Cisco Ios Xe 16.9.1
Cisco Ios Xe 16.8.1a
Cisco Ios Xe 16.8.1s
Cisco Ios Xe 16.8.1b
Cisco Ios Xe 16.8.2
Cisco Ios Xe 16.7.2
Cisco Ios Xe 16.8.1d
Cisco Ios Xe 16.7.3
Cisco Ios Xe 16.8.1c
Cisco Ios Xe 16.8.1e
Cisco Ios Xe 16.9.1s
Cisco Ios Xe 16.9.1c
Cisco Ios Xe 16.9.1b
Cisco Ios Xe 16.9.1d
Cisco Ios Xe 16.10.1
Cisco Ios Xe 16.7.4
Cisco Ios Xe 16.9.1a
Cisco Ios Xe 16.9.2a
Cisco Ios Xe 16.9.2
Cisco Ios Xe 16.12.1
Cisco Ios Xe 16.11.1
6.7
CVSSv3
CVE-2017-6794
A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local malicious user to perform command injection and escalate their privileges to root. The attacker must first authenticate to the application with valid administrator credenti...
Cisco Meeting Server 2.0.16
Cisco Meeting Server 2.0.15
Cisco Meeting Server 2.0.14
Cisco Meeting Server 2.0.13
Cisco Meeting Server 2.0.12
Cisco Meeting Server 2.1.11
Cisco Meeting Server 2.0.0
Cisco Meeting Server 2.0.1
Cisco Meeting Server 2.0.3
Cisco Meeting Server 2.0.10
Cisco Meeting Server 2.1.2
Cisco Meeting Server 2.1.7
Cisco Meeting Server 2.1.9
Cisco Meeting Server 2.0.5
Cisco Meeting Server 2.0.7
Cisco Meeting Server 2.1.3
Cisco Meeting Server 2.1.4
Cisco Meeting Server 2.1.5
Cisco Meeting Server 2.1.6
Cisco Meeting Server 2.0.9
Cisco Meeting Server 2.1.0
Cisco Meeting Server 2.1.1
NA
CVE-2009-2334
wp-admin/admin.php in WordPress and WordPress MU prior to 2.8.1 does not require administrative authentication to access the configuration of a plugin, which allows remote malicious users to specify a configuration file in the page parameter to obtain sensitive information or mod...
Wordpress Wordpress 2.3.3
Wordpress Wordpress 2.3.2
Wordpress Wordpress 2.2.2
Wordpress Wordpress 2.2.1
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.1
Wordpress Wordpress 2.6
Wordpress Wordpress 2.3.1
Wordpress Wordpress 2.2.0
Wordpress Wordpress 2.2
Wordpress Wordpress 2.0.9
Wordpress Wordpress 2.0.8
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.0.10 Rc2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 2.5.1
Wordpress Wordpress 2.5
Wordpress Wordpress 2.3
Wordpress Wordpress 2.2 Revision5003
1 EDB exploit
6.5
CVSSv3
CVE-2021-20106
Nessus Agent versions 8.2.5 and previous versions were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host.
Tenable Nessus
NA
CVE-2009-1610
admin/changepassword.php in Job Script Job Board Software 2.0 allows remote malicious users to change the administrator password and gain administrator privileges via a direct request.
Jobscript Job Script Job Board Software 2.0
1 EDB exploit
7.5
CVSSv3
CVE-2018-0226
A vulnerability in the assignment and management of default user accounts for Secure Shell (SSH) access to Cisco Aironet 1800, 2800, and 3800 Series Access Points that are running Cisco Mobility Express Software could allow an authenticated, remote malicious user to gain elevated...
Cisco Mobility Express Software 8.3\\(90.65\\)
Cisco Mobility Express Software 8.4\\(1.65\\)
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »