Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
associated vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-3151
Cross-site scripting (XSS) vulnerability in index.php in AssoCIateD (aka ACID) 1.2.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the menu parameter.
Associated Associated Cms 1.1.3
Associated Associated Cms 1.2.0
1 EDB exploit
NA
CVE-2006-2841
Multiple PHP remote file inclusion vulnerabilities in AssoCIateD (aka ACID) CMS 1.1.3 allow remote malicious users to execute arbitrary PHP code via a URL in the root_path parameter to (1) menu.php, (2) profile.php, (3) users.php, (4) cache_mngt.php, and (5) gallery_functions.php...
Associated Associated Cms 1.1.3
1 EDB exploit
NA
CVE-2007-2554
Associated Press (AP) Newspower 4.0.1 and previous versions uses a default blank password for the MySQL root account, which allows remote malicious users to insert or modify news articles via shows.tblscript.
Associated Press Newspower
5.4
CVSSv3
CVE-2022-45401
Jenkins Associated Files Plugin 0.2.1 and previous versions does not escape names of associated files, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Jenkins Associated Files
7.5
CVSSv3
CVE-2016-6419
SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 up to and including 5.4.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCur25485.
Cisco Firepower Management Center 5.4.0
Cisco Firepower Management Center 5.3.1
Cisco Firepower Management Center 5.2.0
Cisco Firepower Management Center 5.3.0
Cisco Firepower Management Center 4.10.3
6.5
CVSSv3
CVE-2016-6420
Cisco FireSIGHT System Software 4.10.3 up to and including 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467.
Cisco Firesight System Software 4.10.3
Cisco Firesight System Software 5.4.0
Cisco Firesight System Software 5.2.0
Cisco Firesight System Software 5.3.0
Cisco Firesight System Software 5.3.1
6.8
CVSSv3
CVE-2018-15390
A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affect...
Cisco Firepower Threat Defense
NA
CVE-2023-6960
TTLock App virtual keys and settings are only deleted client side, and if preserved, can access the lock after intended deletion.
NA
CVE-2023-7003
The AES key utilized in the pairing process between a lock using Sciener firmware and a wireless keypad is not unique, and can be reused to compromise other locks using the Sciener firmware.
NA
CVE-2023-7004
The TTLock App does not employ proper verification procedures to ensure that it is communicating with the expected device, allowing for connection to a device that spoofs the MAC address of a lock, which compromises the legitimate locks integrity.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »