Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dolev farhi vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-14181
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. The affected versions are before version 7.13.6, from version 8.0.0 prior to 8.5.7, and fro...
Atlassian Jira
Atlassian Data Center
Atlassian Jira Server
3 Github repositories
1 Article
6
CVSSv2
CVE-2015-8368
ntopng (aka ntop) prior to 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.
Ntop Ntopng
1 EDB exploit
4.3
CVSSv2
CVE-2015-4420
Multiple cross-site scripting (XSS) vulnerabilities in Opsview 4.6.2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via a (1) crafted check plugin, the (2) description in a host profile, or the (3) plugin_args parameter to a Test service...
Opsview Opsview
1 EDB exploit
3.5
CVSSv2
CVE-2014-3111
Multiple cross-site scripting (XSS) vulnerabilities in FOG 0.27 up to and including 0.32 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Printer Model field to the Printer Management page, (2) Image Name field to the Image Management page, (3) ...
Fogproject Fog 0.30
Fogproject Fog 0.27
Fogproject Fog 0.31
Fogproject Fog 0.28
Fogproject Fog 0.29
Fogproject Fog 0.32
7.5
CVSSv2
CVE-2014-6607
M/Monit 3.3.2 and previous versions does not verify the original password before changing passwords, which allows remote malicious users to change the password of other users and gain privileges via the fullname and password parameters, a different vulnerability than CVE-2014-640...
Mmonit M/monit
1 EDB exploit
6.8
CVSSv2
CVE-2014-6409
Cross-site request forgery (CSRF) vulnerability in M/Monit 3.3.2 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that change user passwords via the fullname and password parameters to /admin/users/update.
Mmonit M/monit
1 EDB exploit
6.8
CVSSv2
CVE-2014-7190
Multiple cross-site request forgery (CSRF) vulnerabilities in Openfiler 2.99.1 allow remote malicious users to hijack the authentication of administrators for requests that (1) shutdown or (2) reboot the server via a request to admin/system_shutdown.html.
Openfiler Openfiler 2.99.1
1 EDB exploit
3.5
CVSSv2
CVE-2014-3740
Cross-site scripting (XSS) vulnerability in SpiceWorks prior to 7.2.00195 allows remote authenticated users to inject arbitrary web script or HTML via the Summary field in a ticket request to the portal page.
Spiceworks Spiceworks
Spiceworks Spiceworks 7.2.00189
Spiceworks Spiceworks 7.2.00174
1 EDB exploit
4.3
CVSSv2
CVE-2014-6070
Multiple cross-site scripting (XSS) vulnerabilities in Adiscon LogAnalyzer prior to 3.6.6 allow remote malicious users to inject arbitrary web script or HTML via the hostname in (1) index.php or (2) detail.php.
Adiscon Loganalyzer 3.6.0
Adiscon Loganalyzer 3.6.3
Adiscon Loganalyzer 3.6.2
Adiscon Loganalyzer
Adiscon Loganalyzer 3.6.1
Adiscon Loganalyzer 3.6.4
1 EDB exploit
NA
CVE-2014-60701
LogAnalyzer version 3.6.5 suffers from a cross site scripting vulnerability.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »