Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dw. vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2423
The DW Promobar WordPress plugin up to and including 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in mult...
Designwall Dw Promobar
NA
CVE-2022-34534
Digital Watchdog DW Spectrum Server 4.2.0.32842 allows malicious users to access sensitive infromation via a crafted API call.
Dw Spectrum Server Firmware 4.2.0.32842
NA
CVE-2022-34535
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows unauthenticated malicious users to view internal paths and scripts via web files.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2022-34536
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows malicious users to access the core log file and perform session hijacking via a crafted session token.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2022-34537
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 exists to contain a cross-site scripting (XSS) vulnerability via the component bia_oneshot.cgi.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2022-34538
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 exists to contain a command injection vulnerability in the component /admin/vca/bia/addacph.cgi. This vulnerability is exploitable via a crafted POST request.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2022-34539
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 exists to contain a command injection vulnerability in the component /admin/curltest.cgi. This vulnerability is exploitable via a crafted POST request.
Dw Megapix Firmware 4.2.0.32842
NA
CVE-2022-34540
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 exists to contain a command injection vulnerability in the component /admin/vca/license/license_tok.cgi. This vulnerability is exploitable via a crafted POST request.
Dw Megapix Firmware 4.2.0.32842
356
VMScore
CVE-2021-24800
The DW Question & Answer Pro WordPress plugin up to and including 1.3.4 does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments.
Designwall Dw Question \\& Answer
383
VMScore
CVE-2021-24805
The DW Question & Answer Pro WordPress plugin up to and including 1.3.4 does not properly check for CSRF in some of its functions, allowing malicious users to make logged in users perform unwanted actions, such as update a comment or a question status.
Designwall Dw Question \\& Answer
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »