Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
auditor vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2017-17607
CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail.
Cms Auditor Website Project Cms Auditor Website 1.0
1 EDB exploit
614
VMScore
CVE-2019-14969
Netwrix Auditor prior to 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\ and sub-folders. In addition, the service Netwrix.ADA.StorageAuditService (which writes to that directory) does not perform proper impersonation, and thus the target file ...
Netwrix Auditor
NA
CVE-2022-31199
Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by t...
Netwrix Auditor
383
VMScore
CVE-2021-31851
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor before 6.5.2 allows a remote unauthenticated malicious user to inject arbitrary web script or HTML via the profileNodeID request parameters. The malicious script is reflected unmodified into the Policy Audito...
Mcafee Policy Auditor
383
VMScore
CVE-2021-31852
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor before 6.5.2 allows a remote unauthenticated malicious user to inject arbitrary web script or HTML via the UID request parameter. The malicious script is reflected unmodified into the Policy Auditor web-based...
Mcafee Policy Auditor
605
VMScore
CVE-2018-15186
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php.
Chartered Accountant \\ Auditor Website Project Chartered Accountant \\
685
VMScore
CVE-2018-10655
DLPnpAuditor.exe in DeviceLock Plug and Play Auditor (freeware) 5.72 has a Unicode Buffer Overflow (SEH).
Devicelock Plug And Play Auditor 5.72
1 EDB exploit
356
VMScore
CVE-2018-20638
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory.
Chartered Accountant \\ Auditor Website Project Chartered Accountant \\
312
VMScore
CVE-2018-20636
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field.
Chartered Accountant \\ Auditor Website Project Chartered Accountant \\
356
VMScore
CVE-2018-20637
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 allows remote malicious users to cause a denial of service (unrecoverable blank profile) via crafted JavaScript code in the First Name and Last Name field.
Chartered Accountant \\ Auditor Website Project Chartered Accountant \\
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »