Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmed alroky vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-29298
SolarView Compact ver.6.00 allows malicious users to access sensitive files via directory traversal.
Contec Sv-cpt-mc310 Firmware 6.00
NA
CVE-2022-29299
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-20660. Reason: This candidate is a reservation duplicate of CVE-2021-20660. Notes: All CVE users should reference CVE-2021-20660 instead of this candidate. All references and descriptions in this candidate ha...
NA
CVE-2022-29301
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-20660. Reason: This candidate is a reservation duplicate of CVE-2021-20660. Notes: All CVE users should reference CVE-2021-20660 instead of this candidate. All references and descriptions in this candidate ha...
9.8
CVSSv3
CVE-2022-29303
SolarView Compact ver.6.00 exists to contain a command injection vulnerability via conf_mail.php.
Contec Sv-cpt-mc310 Firmware 6.00
2 Github repositories
1 Article
7.5
CVSSv3
CVE-2022-38840
cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity (XXE) issue via XML file upload, which leads to local file disclosure.
Guralp Man-eam-0003 3.2.4
8.8
CVSSv3
CVE-2022-38841
Linksys AX3200 1.1.00 is vulnerable to OS command injection by authenticated users via shell metacharacters to the diagnostics traceroute page.
Linksys E8450 Firmware 1.1.00
9.8
CVSSv3
CVE-2023-28343
OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone timezone parameter, because of set_timezone in models/management_model.php.
Apsystems Energy Communication Unit Firmware C1.2.5
2 Github repositories
7.5
CVSSv3
CVE-2022-34046
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows malicious users to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);].
Wavlink Wn533a8 Firmware M33a8.v5030.190716
7.5
CVSSv3
CVE-2022-34047
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows malicious users to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd].
Wavlink Wl-wn530hg4 Firmware M30hg4.v5030.191116
6.1
CVSSv3
CVE-2022-34048
Wavlink WN533A8 M33A8.V5030.190716 exists to contain a reflected cross-site scripting (XSS) vulnerability via the login_page parameter.
Wavlink Wn533a8 Firmware M33a8.v5030.190716
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »