Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bypass vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2008-6312
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Manzovi Proquiz 1.0
1 EDB exploit
755
VMScore
CVE-2008-6327
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote malicious users to execute arbitrary SQL commands via the password parameter, a different vector than CVE-2008-6312.
Manzovi Proquiz 1.0
1 EDB exploit
NA
CVE-2022-2651
Authentication Bypass by Primary Weakness in GitHub repository bookwyrm-social/bookwyrm before 0.4.5.
Joinbookwyrm Bookwyrm
755
VMScore
CVE-2009-1323
SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Webfileexplorer Web File Explorer 3.1
1 EDB exploit
685
VMScore
CVE-2009-2018
SQL injection vulnerability in admin/index.php in Jared Eckersley MyCars, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the authuserid parameter.
Jaredeckersley Mycars
1 EDB exploit
755
VMScore
CVE-2006-2116
planetGallery allows remote malicious users to gain administrator privileges via a direct request to admin/gallery_admin.php.
Planet Concept Planetgallery
1 EDB exploit
755
VMScore
CVE-2008-5631
SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows remote malicious users to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or the (2) password parameter. NOTE: some of these details are obtained from third party informatio...
Activewebsoftwares Active Ewebquiz 8.0
1 EDB exploit
356
VMScore
CVE-2019-3724
RSA Netwitness Platform versions before 11.2.1.1 is vulnerable to an Authorization Bypass vulnerability. A remote low privileged attacker could potentially exploit this vulnerability to gain access to administrative information including credentials.
Rsa Security Analytics
Rsa Netwitness Platform
685
VMScore
CVE-2009-2883
SQL injection vulnerability in admin/login.php in SaphpLesson 4.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the cp_username parameter, related to an error in the CleanVar function in includes/functions.php.
Arabless Saphplesson 4.0
1 EDB exploit
525
VMScore
CVE-2009-3200
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 create an undocumented recovery key and store it in the ENCK variable in flash memory, which allows local users to bypass the passphrase requirement and decrypt the hard drive by reading this ...
Qnap Ts-239 Pro Turbo Nas 2.1.7 0613
Qnap Ts-239 Pro Turbo Nas 3.1.0 0627
Qnap Ts-639 Pro Turbo Nas 3.1.0 0627
Qnap Ts-639 Pro Turbo Nas 3.1.1 0815
Qnap Ts-239 Pro Turbo Nas 3.1.1 0815
Qnap Ts-639 Pro Turbo Nas 2.1.7 0613
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »