Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arvind v. vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-14680
ZKTeco ZKTime Web 2.0.1.12280 allows remote malicious users to obtain sensitive employee metadata via a direct request for a PDF document.
Zkteco Zktime Web 2.0.1.12280
1 EDB exploit
6
CVSSv2
CVE-2018-7216
Cross-site request forgery (CSRF) vulnerability in esop/toolkit/profile/regData.do in Bravo Tejari Procurement Portal allows remote authenticated users to hijack the authentication of application users for requests that modify their personal data by leveraging lack of anti-CSRF t...
Tejari Bravo Solution -
1 EDB exploit
6
CVSSv2
CVE-2017-13129
Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web 2.0.1.12280 allows remote authenticated users to hijack the authentication of administrators for requests that add administrators by leveraging lack of anti-CSRF tokens.
Zkteco Zktime Web 2.0.1.12280
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started