Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-1491
The devices allow access to an unprotected endpoint that allows MPFS file system binary image upload without authentication. The MPFS2 file system module provides a light-weight read-only file system that can be stored in external EEPROM, external serial flash, or internal flash...
NA
CVE-2024-22179
The application is vulnerable to an unauthenticated parameter manipulation that allows an malicious user to set the credentials to blank giving her access to the admin panel. Also vulnerable to account takeover and arbitrary password change.
NA
CVE-2024-3742
Electrolink transmitters store credentials in clear-text. Use of these credentials could allow an malicious user to access the system.
NA
CVE-2024-21846
An unauthenticated attacker can reset the board and stop transmitter operations by sending a specially-crafted GET request to the command.cgi gateway, resulting in a denial-of-service scenario.
NA
CVE-2024-21872
The device allows an unauthenticated malicious user to bypass authentication and modify the cookie to reveal hidden pages that allows more critical operations to the transmitter.
NA
CVE-2024-3741
Electrolink transmitters are vulnerable to an authentication bypass vulnerability affecting the login cookie. An attacker can set an arbitrary value except 'NO' to the login cookie and have full system access.
NA
CVE-2024-22186
The application suffers from a privilege escalation vulnerability. An attacker logged in as guest can escalate his privileges by poisoning the cookie to become administrator.
NA
CVE-2023-33684
Weak session management in DB Elettronica Telecomunicazioni SpA SFT DAB 600/C Firmware: 1.9.3 Bios firmware: 7.1 (Apr 19 2021) Gui: 2.46 FPGA: 169.55 uc: 6.15 allows attackers on the same network to bypass authentication by re-using the IP address assigned to the device by the NA...
Dbbroadcast Sft Dab 600\\/c Bios 7.1
Dbbroadcast Sft Dab 600\\/c Firmware 1.9.3
5
CVSSv2
CVE-2005-2106
Unknown vulnerability in Drupal 4.5.0 up to and including 4.5.3, 4.6.0, and 4.6.1 allows remote malicious users to execute arbitrary PHP code via a public comment or posting.
Drupal Drupal 4.5.3
Drupal Drupal 4.6.0
Drupal Drupal 4.6.1
Drupal Drupal 4.5.0
Drupal Drupal 4.5.1
Drupal Drupal 4.5.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started