Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dw. vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2423
The DW Promobar WordPress plugin up to and including 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in mult...
Designwall Dw Promobar
NA
CVE-2022-34535
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows unauthenticated malicious users to view internal paths and scripts via web files.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2022-34534
Digital Watchdog DW Spectrum Server 4.2.0.32842 allows malicious users to access sensitive infromation via a crafted API call.
Dw Spectrum Server Firmware 4.2.0.32842
NA
CVE-2022-34536
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows malicious users to access the core log file and perform session hijacking via a crafted session token.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2022-34537
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 exists to contain a cross-site scripting (XSS) vulnerability via the component bia_oneshot.cgi.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2022-34538
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 exists to contain a command injection vulnerability in the component /admin/vca/bia/addacph.cgi. This vulnerability is exploitable via a crafted POST request.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2022-34540
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 exists to contain a command injection vulnerability in the component /admin/vca/license/license_tok.cgi. This vulnerability is exploitable via a crafted POST request.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2022-34539
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 exists to contain a command injection vulnerability in the component /admin/curltest.cgi. This vulnerability is exploitable via a crafted POST request.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2021-4408
The DW Question & Answer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.8. This is due to missing or incorrect nonce validation on the update_answer() function. This makes it possible for unauthenticated malicious users ...
Designwall Dw Question \\& Answer
4
CVSSv2
CVE-2021-24800
The DW Question & Answer Pro WordPress plugin up to and including 1.3.4 does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments.
Designwall Dw Question \\& Answer
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »