Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hyp3rlinx vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-8037
Multiple cross-site scripting (XSS) vulnerabilities in the Graphical User Interface (GUI) in Fortinet FortiManager prior to 5.2.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) SOMVpnSSLPortalDialog or (2) FGDMngUpdHistory.
Fortinet Fortimanager Firmware
1 EDB exploit
NA
CVE-2015-8038
Multiple cross-site scripting (XSS) vulnerabilities in the Graphical User Interface (GUI) in Fortinet FortiManager prior to 5.2.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) sharedjobmanager or (2) SOMServiceObjDialog.
Fortinet Fortimanager Firmware
1 EDB exploit
8.6
CVSSv3
CVE-2017-15644
SSRF exists in Webmin 1.850 via the PATH_INFO to tunnel/link.cgi, as demonstrated by a GET request for tunnel/link.cgi/http://INTRANET-IP:8000.
Webmin Webmin
1 EDB exploit
8.8
CVSSv3
CVE-2017-15645
CSRF exists in Webmin 1.850. By sending a GET request to at/create_job.cgi containing dir=/&cmd= in the URI, an malicious user to execute arbitrary commands.
Webmin Webmin
1 EDB exploit
NA
CVE-2015-5353
Directory traversal vulnerability in Novius OS 5.0.1 (Elche) allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the tab parameter to admin/.
Novius-os Novius Os 5.0.1
1 EDB exploit
NA
CVE-2015-5354
Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to admin/nos/login.
Novius-os Novius Os 5.0.1
1 EDB exploit
7.8
CVSSv3
CVE-2016-8742
The Windows installer that the Apache CouchDB team provides was vulnerable to local privilege escalation. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe service launc...
Apache Couchdb 2.0.0
1 EDB exploit
8.8
CVSSv3
CVE-2017-6803
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in the Scheduler in SolarWinds (formerly Serv-U) FTP Voyager 16.2.0 allow remote malicious users to hijack the authentication of users for requests that (1) change the admin password, (2) terminate th...
Solarwinds Ftp Voyager 16.2.0
1 EDB exploit
NA
CVE-2015-5066
Multiple cross-site scripting (XSS) vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) content or (2) title field in an add action in the posts page to index.php or the (3) q parameter in the posts page...
Metalgenix Genixcms 0.0.3
1 EDB exploit
6.1
CVSSv3
CVE-2017-15646
Webmin prior to 1.860 has XSS with resultant remote code execution. Under the 'Others/File Manager' menu, there is a 'Download from remote URL' option to download a file from a remote server. After setting up a malicious server, one can wait for a file downloa...
Webmin Webmin
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »