Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
akkus vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2019-11447
An issue exists in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatar_file field to index.php?mod=main&opt=personal. There is no effective control of $imgsize in /core/modules/dashboard.php. The h...
Cutephp Cutenews 2.1.2
8 Github repositories
6.8
CVSSv2
CVE-2018-19459
Adult Filter 1.0 has a Buffer Overflow via a crafted Black Domain List file.
Armcode Adult Filter 1.0
1 EDB exploit
5
CVSSv2
CVE-2018-19458
In PHP Proxy 3.0.3, any user can read files from the server without authentication due to an index.php?q=file:/// LFI URI, a different vulnerability than CVE-2018-19246.
Php-proxy Php-proxy 3.0.3
1 EDB exploit
6.5
CVSSv2
CVE-2018-18924
The image-upload feature in ProjeQtOr 7.2.5 allows remote malicious users to execute arbitrary code by uploading a .shtml file with "#exec cmd" because rejected files remain on the server, with predictable filenames, after a "This file is not a valid image" er...
Projeqtor Projeqtor
1 EDB exploit
4.3
CVSSv2
CVE-2018-20503
Allied Telesis 8100L/8 devices allow XSS via the edit-ipv4_interface.php vlanid or subnet_mask parameter.
Alliedtelesis 8100l\\/8 Firmware -
1 EDB exploit
7.5
CVSSv2
CVE-2022-22831
An issue exists in Servisnet Tessa 0.0.2. An attacker can add a new sysadmin user via a manipulation of the Authorization HTTP header.
Servisnet Tessa 0.0.2
10
CVSSv2
CVE-2022-22832
An issue exists in Servisnet Tessa 0.0.2. Authorization data is available via an unauthenticated /data-service/users/ request.
Servisnet Tessa 0.0.2
5
CVSSv2
CVE-2022-22833
An issue exists in Servisnet Tessa 0.0.2. An attacker can obtain sensitive information via a /js/app.js request.
Servisnet Tessa 0.0.2
9
CVSSv2
CVE-2019-12840
In Webmin up to and including 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi.
Webmin Webmin
12 Github repositories
9
CVSSv2
CVE-2020-35606
Arbitrary command execution can occur in Webmin up to and including 1.962. Any user authorized for the Package Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C. NOTE: this issue exists because of an incomplete fix for CVE-2019-1...
Webmin Webmin
4 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »