Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
administrator privileges vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2019-15846
Exim prior to 4.92.2 allows remote malicious users to execute arbitrary code as root via a trailing backslash.
Exim Exim
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5 Github repositories
2 Articles
7.5
CVSSv2
CVE-2021-33219
An issue exists in CommScope Ruckus IoT Controller 1.7.1.0 and previous versions. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts.
Commscope Ruckus Iot Controller
7.5
CVSSv2
CVE-2013-2118
SPIP 3.0.x prior to 3.0.9, 2.1.x prior to 2.1.22, and 2.0.x prior to 2.0.23 allows remote malicious users to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.
Spip Spip 3.0.1
Spip Spip 3.0.2
Spip Spip 3.0.3
Spip Spip 3.0.4
Spip Spip 3.0.0
Spip Spip 3.0.5
Spip Spip 3.0.7
Spip Spip 3.0.6
Spip Spip 3.0.8
Spip Spip 2.1.1
Spip Spip 2.1.2
Spip Spip 2.1.3
Spip Spip 2.1.17
Spip Spip 2.1.18
Spip Spip 2.1.19
Spip Spip 2.1.20
Spip Spip 2.1.9
Spip Spip 2.1.10
Spip Spip 2.1.11
Spip Spip 2.1.12
Spip Spip 2.1.5
Spip Spip 2.1.7
1 EDB exploit
10
CVSSv2
CVE-2017-6622
A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote malicious user to bypass authentication and perform command injection with root privileges. The vulnerability is due to missing security constraints in certain H...
Cisco Prime Collaboration Provisioning 9.5.0
Cisco Prime Collaboration Provisioning 9.0.0
Cisco Prime Collaboration Provisioning 11.1.0
Cisco Prime Collaboration Provisioning 10.5.1
Cisco Prime Collaboration Provisioning 10.5.0
Cisco Prime Collaboration Provisioning 10.6.2
Cisco Prime Collaboration Provisioning 11.0.0
Cisco Prime Collaboration Provisioning 10.6.0
Cisco Prime Collaboration Provisioning 11.5.0
Cisco Prime Collaboration Provisioning 10.0.0
1 EDB exploit
7.8
CVSSv2
CVE-2022-20683
A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. This ...
Cisco Ios Xe 16.8.1
Cisco Ios Xe 16.9.1
Cisco Ios Xe 16.8.1a
Cisco Ios Xe 16.8.1s
Cisco Ios Xe 16.8.1b
Cisco Ios Xe 16.8.2
Cisco Ios Xe 16.7.2
Cisco Ios Xe 16.8.1d
Cisco Ios Xe 16.7.3
Cisco Ios Xe 16.8.1c
Cisco Ios Xe 16.8.1e
Cisco Ios Xe 16.9.1s
Cisco Ios Xe 16.9.1c
Cisco Ios Xe 16.9.1b
Cisco Ios Xe 16.9.1d
Cisco Ios Xe 16.10.1
Cisco Ios Xe 16.7.4
Cisco Ios Xe 16.9.1a
Cisco Ios Xe 16.9.2a
Cisco Ios Xe 16.9.2
Cisco Ios Xe 16.12.1
Cisco Ios Xe 16.11.1
7.2
CVSSv2
CVE-2017-6794
A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local malicious user to perform command injection and escalate their privileges to root. The attacker must first authenticate to the application with valid administrator credenti...
Cisco Meeting Server 2.0.16
Cisco Meeting Server 2.0.15
Cisco Meeting Server 2.0.14
Cisco Meeting Server 2.0.13
Cisco Meeting Server 2.0.12
Cisco Meeting Server 2.1.11
Cisco Meeting Server 2.0.0
Cisco Meeting Server 2.0.1
Cisco Meeting Server 2.0.3
Cisco Meeting Server 2.0.10
Cisco Meeting Server 2.1.2
Cisco Meeting Server 2.1.7
Cisco Meeting Server 2.1.9
Cisco Meeting Server 2.0.5
Cisco Meeting Server 2.0.7
Cisco Meeting Server 2.1.3
Cisco Meeting Server 2.1.4
Cisco Meeting Server 2.1.5
Cisco Meeting Server 2.1.6
Cisco Meeting Server 2.0.9
Cisco Meeting Server 2.1.0
Cisco Meeting Server 2.1.1
4.9
CVSSv2
CVE-2009-2334
wp-admin/admin.php in WordPress and WordPress MU prior to 2.8.1 does not require administrative authentication to access the configuration of a plugin, which allows remote malicious users to specify a configuration file in the page parameter to obtain sensitive information or mod...
Wordpress Wordpress 2.3.3
Wordpress Wordpress 2.3.2
Wordpress Wordpress 2.2.2
Wordpress Wordpress 2.2.1
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.1
Wordpress Wordpress 2.6
Wordpress Wordpress 2.3.1
Wordpress Wordpress 2.2.0
Wordpress Wordpress 2.2
Wordpress Wordpress 2.0.9
Wordpress Wordpress 2.0.8
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.0.10 Rc2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 2.5.1
Wordpress Wordpress 2.5
Wordpress Wordpress 2.3
Wordpress Wordpress 2.2 Revision5003
1 EDB exploit
8.5
CVSSv2
CVE-2021-20106
Nessus Agent versions 8.2.5 and previous versions were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host.
Tenable Nessus
7.5
CVSSv2
CVE-2009-1610
admin/changepassword.php in Job Script Job Board Software 2.0 allows remote malicious users to change the administrator password and gain administrator privileges via a direct request.
Jobscript Job Script Job Board Software 2.0
1 EDB exploit
10
CVSSv2
CVE-2008-7170
GSC build 2067 and previous versions relies on the client to enforce administrator privileges, which allows remote malicious users to execute arbitrary administrator commands via a crafted packet.
Gameservers Gsc 1.00
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »