Vulmon
authentication bypass vulnerabilities and exploits
10
CVSSv2
CVE-2014-8423
Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote malicious users to execute arbitrary commands via unknown vectors.
Arris Vap2500 Firmware
1 EDB exploit
7.8
CVSSv2
CVE-2014-8425
The management portal in ARRIS VAP2500 before FW08.41 allows remote malicious users to obtain credentials by reading the configuration files.
Arris Vap2500 Firmware
1 EDB exploit
10
CVSSv2
CVE-2002-0613
dnstools.php for DNSTools 2.0 beta 4 and previous versions allows remote malicious users to bypass authentication and gain privileges by setting the user_logged_in or user_dnstools_administrator parameters.
Dnstools Software Dnstools 2.0 Beta3
Dnstools Software Dnstools 2.0 Beta4
1 EDB exploit
NA
CVE-2020-283332
The Barco wePresent WiPG-1600W version 2.5.1.8 web interface does not use session cookies for tracking authenticated sessions. Instead, the web interface uses a "SEID" token that is appended to the end of URLs in GET requests. Thus the "SEID" would be exposed ...
6.8
CVSSv2
CVE-2008-6241
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPSite 0.0.1 and 0.0.7, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (ak...
China-on-site Flexphpsite 0.0.1
China-on-site Flexphpsite 0.0.7
1 EDB exploit
7.5
CVSSv2
CVE-2008-6270
SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remote malicious users to execute arbitrary SQL commands via the user parameter.
Miticdjd Apoll 0.7
Miticdjd Apoll 0.7.5
1 EDB exploit
7.5
CVSSv2
CVE-2008-6487
Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAffiliate 1.4 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) admin and (2) password fields.
Digiappz Digiaffiliate
1 EDB exploit
7.5
CVSSv2
CVE-2008-7077
Multiple SQL injection vulnerabilities in SailPlanner 0.3a allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password fields.
Relative Sailplanner 0.3a
1 EDB exploit
7.5
CVSSv2
CVE-2008-6272
SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remote malicious users to execute arbitrary SQL commands via the pass parameter.
Miticdjd Apoll 0.7
Miticdjd Apoll 0.7.5
1 EDB exploit
7.5
CVSSv2
CVE-2008-6312
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Manzovi Proquiz 1.0
1 EDB exploit