Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
client vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-7142
A vulnerability was found in code-projects Client Details System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/clientview.php. The manipulation of the argument ID leads to sql injection. The exploit has bee...
Code-projects Client Details System 1.0
9.8
CVSSv3
CVE-2023-7139
A vulnerability has been found in code-projects Client Details System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/regester.php of the component HTTP POST Request Handler. The manipulation of the argument fname/lname/email/contact ...
Code-projects Client Details System 1.0
9.8
CVSSv3
CVE-2023-7140
A vulnerability was found in code-projects Client Details System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/manage-users.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the pu...
Code-projects Client Details System 1.0
9.8
CVSSv3
CVE-2023-48654
One Identity Password Manager prior to 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape seque...
Oneidentity Password Manager
9.8
CVSSv3
CVE-2023-50477
An issue exists in nos client version 0.6.6, allows remote malicious users to escalate privileges via getRPCEndpoint.js.
Nos Nos Client 0.6.6
9.8
CVSSv3
CVE-2023-47267
An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard VPN Client 6.87, and Windows Enterprise VPN Client 6.87 allows malicious users to gain escalated privileges via crafted changes to memory mapped file.
Thegreenbow Windows Enterprise Certified Vpn 6.52
Thegreenbow Windows Standard Vpn 6.87
Thegreenbow Windows Enterprise Vpn 6.87
9.8
CVSSv3
CVE-2023-46454
In GL.iNET GL-AR300M routers with firmware v4.3.7, it is possible to inject arbitrary shell commands through a crafted package name in the package information functionality.
Gl-inet Gl-ar300m Firmware 4.3.7
1 Github repository
9.8
CVSSv3
CVE-2023-46456
In GL.iNET GL-AR300M routers with firmware 3.216 it is possible to inject arbitrary shell commands through the OpenVPN client file upload functionality.
Gl-inet Gl-ar300m Firmware 3.216
1 Github repository
9.8
CVSSv3
CVE-2023-6593
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and previous versions on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction.
Devolutions Remote Desktop Manager
9.8
CVSSv3
CVE-2023-50424
SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go) - versions < 0.17.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the...
Sap Cloud-security-client-go
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »