Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
associated vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2006-3151
Cross-site scripting (XSS) vulnerability in index.php in AssoCIateD (aka ACID) 1.2.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the menu parameter.
Associated Associated Cms 1.1.3
Associated Associated Cms 1.2.0
1 EDB exploit
7.5
CVSSv2
CVE-2006-2841
Multiple PHP remote file inclusion vulnerabilities in AssoCIateD (aka ACID) CMS 1.1.3 allow remote malicious users to execute arbitrary PHP code via a URL in the root_path parameter to (1) menu.php, (2) profile.php, (3) users.php, (4) cache_mngt.php, and (5) gallery_functions.php...
Associated Associated Cms 1.1.3
1 EDB exploit
NA
CVE-2022-45401
Jenkins Associated Files Plugin 0.2.1 and previous versions does not escape names of associated files, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Jenkins Associated Files
7.8
CVSSv2
CVE-2007-2554
Associated Press (AP) Newspower 4.0.1 and previous versions uses a default blank password for the MySQL root account, which allows remote malicious users to insert or modify news articles via shows.tblscript.
Associated Press Newspower
6
CVSSv2
CVE-2016-6419
SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 up to and including 5.4.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCur25485.
Cisco Firepower Management Center 5.4.0
Cisco Firepower Management Center 5.3.1
Cisco Firepower Management Center 5.2.0
Cisco Firepower Management Center 5.3.0
Cisco Firepower Management Center 4.10.3
6.8
CVSSv2
CVE-2016-6420
Cisco FireSIGHT System Software 4.10.3 up to and including 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467.
Cisco Firesight System Software 4.10.3
Cisco Firesight System Software 5.4.0
Cisco Firesight System Software 5.2.0
Cisco Firesight System Software 5.3.0
Cisco Firesight System Software 5.3.1
7.1
CVSSv2
CVE-2018-15390
A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affect...
Cisco Firepower Threat Defense
NA
CVE-2023-7017
Sciener locks' firmware update mechanism do not authenticate or validate firmware updates if passed to the lock through the Bluetooth Low Energy service. A challenge request can be sent to the lock with a command to prepare for an update, rather than an unlock request, allow...
NA
CVE-2023-7003
The AES key utilized in the pairing process between a lock using Sciener firmware and a wireless keypad is not unique, and can be reused to compromise other locks using the Sciener firmware.
NA
CVE-2023-7004
The TTLock App does not employ proper verification procedures to ensure that it is communicating with the expected device, allowing for connection to a device that spoofs the MAC address of a lock, which compromises the legitimate locks integrity.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »