Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
associated vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-3151
Cross-site scripting (XSS) vulnerability in index.php in AssoCIateD (aka ACID) 1.2.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the menu parameter.
Associated Associated Cms 1.1.3
Associated Associated Cms 1.2.0
1 EDB exploit
NA
CVE-2006-2841
Multiple PHP remote file inclusion vulnerabilities in AssoCIateD (aka ACID) CMS 1.1.3 allow remote malicious users to execute arbitrary PHP code via a URL in the root_path parameter to (1) menu.php, (2) profile.php, (3) users.php, (4) cache_mngt.php, and (5) gallery_functions.php...
Associated Associated Cms 1.1.3
1 EDB exploit
NA
CVE-2007-2554
Associated Press (AP) Newspower 4.0.1 and previous versions uses a default blank password for the MySQL root account, which allows remote malicious users to insert or modify news articles via shows.tblscript.
Associated Press Newspower
5.4
CVSSv3
CVE-2022-45401
Jenkins Associated Files Plugin 0.2.1 and previous versions does not escape names of associated files, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Jenkins Associated Files
7.5
CVSSv3
CVE-2016-6419
SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 up to and including 5.4.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCur25485.
Cisco Firepower Management Center 5.4.0
Cisco Firepower Management Center 5.3.1
Cisco Firepower Management Center 5.2.0
Cisco Firepower Management Center 5.3.0
Cisco Firepower Management Center 4.10.3
6.5
CVSSv3
CVE-2016-6420
Cisco FireSIGHT System Software 4.10.3 up to and including 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467.
Cisco Firesight System Software 4.10.3
Cisco Firesight System Software 5.4.0
Cisco Firesight System Software 5.2.0
Cisco Firesight System Software 5.3.0
Cisco Firesight System Software 5.3.1
6.8
CVSSv3
CVE-2018-15390
A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affect...
Cisco Firepower Threat Defense
NA
CVE-2023-7003
The AES key utilized in the pairing process between a lock using Sciener firmware and a wireless keypad is not unique, and can be reused to compromise other locks using the Sciener firmware.
NA
CVE-2023-7006
The unlockKey character in a lock using Sciener firmware can be brute forced through repeated challenge requests, compromising the locks integrity.
NA
CVE-2023-7017
Sciener locks' firmware update mechanism do not authenticate or validate firmware updates if passed to the lock through the Bluetooth Low Energy service. A challenge request can be sent to the lock with a command to prepare for an update, rather than an unlock request, allow...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »