Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authentication bypass vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2017-14244
An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows malicious users to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi.
Iball Ib-wra150n Firmware Fw Ib-lr7011a 1.0.2
1 EDB exploit
1 Github repository
5
CVSSv2
CVE-2014-8493
ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote malicious users to modify the CWMP configuration via a crafted request to Forms/access_cwmp_1.
Zte Zxhn H108l Firmware 4.0.0d Zrq Gr4
2 EDB exploits
7.5
CVSSv2
CVE-2008-5974
Multiple SQL injection vulnerabilities in login.aspx in Active Price Comparison 4.0 allow remote malicious users to execute arbitrary SQL commands via the (1) password and (2) username fields.
Activewebsoftwares Active Price Comparison 4.0
2 EDB exploits
7.5
CVSSv2
CVE-2008-5589
SQL injection vulnerability in processlogin.asp in Katy Whitton RankEm allows remote malicious users to execute arbitrary SQL commands via the (1) txtusername parameter (aka username field) or the (2) txtpassword parameter (aka password field). NOTE: some of these details are obt...
Katywhitton Rankem
1 EDB exploit
7.5
CVSSv2
CVE-2009-0297
SQL injection vulnerability in login_check.asp in ClickAuction allows remote malicious users to execute arbitrary SQL commands via the (1) txtEmail and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information.
Clicktech Clickauction Nil
1 EDB exploit
7.5
CVSSv2
CVE-2009-0252
Multiple SQL injection vulnerabilities in default.asp in Enthrallweb eReservations allow remote malicious users to execute arbitrary SQL commands via the (1) Login parameter (aka username field) or the (2) Password parameter (aka password field). NOTE: some of these details are o...
Enthrallweb Ereservations
1 EDB exploit
7.5
CVSSv2
CVE-2012-0913
SQL injection vulnerability in checklogin.aspx in ICloudCenter ICTimeAttendance 1.0 allows remote malicious users to execute arbitrary SQL commands via the passw parameter. NOTE: Some of these details are obtained from third party information.
Icloudcenter Ictimeattendance 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-4870
Multiple SQL injection vulnerabilities in login.php in PHPCityPortal allow remote malicious users to execute arbitrary SQL commands via the (1) req_username (aka Username) and (2) req_password (aka Password) parameters. NOTE: some of these details are obtained from third party in...
Phpcityportal Phpcityportal
1 EDB exploit
10
CVSSv2
CVE-2021-33044
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
Dahuasecurity Ipc-hum7xxx Firmware
Dahuasecurity Ipc-hx3xxx Firmware
Dahuasecurity Ipc-hx5xxx Firmware
Dahuasecurity Sd1a1 Firmware
Dahuasecurity Sd22 Firmware
Dahuasecurity Sd41 Firmware
Dahuasecurity Sd50 Firmware
Dahuasecurity Sd52c Firmware
Dahuasecurity Sd6al Firmware
Dahuasecurity Tpc-bf1241 Firmware
Dahuasecurity Tpc-bf2221 Firmware
Dahuasecurity Tpc-bf5x01 Firmware
Dahuasecurity Tpc-pt8x21b Firmware
Dahuasecurity Tpc-sd2221 Firmware
Dahuasecurity Tpc-sd8x21 Firmware
Dahuasecurity Vto-65xxx Firmware
Dahuasecurity Vto-75x95x Firmware
Dahuasecurity Vth-542xh Firmware
Dahuasecurity Tpc-bf5x21 Firmware
19 Github repositories
10
CVSSv2
CVE-2021-33045
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
Dahuasecurity Ipc-hum7xxx Firmware
Dahuasecurity Ipc-hx3xxx Firmware
Dahuasecurity Ipc-hx5xxx Firmware
Dahuasecurity Nvr-1xxx Firmware
Dahuasecurity Nvr-2xxx Firmware
Dahuasecurity Nvr-4xxx Firmware
Dahuasecurity Nvr-5xxx Firmware
Dahuasecurity Nvr-6xx Firmware
Dahuasecurity Vth-542xh Firmware
Dahuasecurity Vto-65xxx Firmware
Dahuasecurity Vto-75x95x Firmware
Dahuasecurity Xvr-4x04 Firmware -
Dahuasecurity Xvr-4x08 Firmware
Dahuasecurity Xvr-4x04 Firmware
Dahuasecurity Xvr-5x04 Firmware
Dahuasecurity Xvr-5x08 Firmware
Dahuasecurity Xvr-5x16 Firmware
Dahuasecurity Xvr-7x16 Firmware
Dahuasecurity Xvr-7x32 Firmware
18 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »