Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
johannes greil vulnerabilities and exploits
(subscribe to this query)
855
VMScore
CVE-2018-13110
All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previously disabled by the ISP, escalate their privileges, and perform further attacks.
Adbglobal Dv2210 Firmware -
Adbglobal Vv2220 Firmware -
Adbglobal Vv5522 Firmware -
Adbglobal Prg Av4202n Firmware -
1 EDB exploit
755
VMScore
CVE-2011-3923
Apache Struts prior to 2.3.1.2 allows remote malicious users to bypass security protections in the ParameterInterceptor class and execute arbitrary commands.
Apache Struts
Redhat Jboss Enterprise Web Server 1.0.0
1 EDB exploit
1 Github repository
725
VMScore
CVE-2018-13108
All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP creden...
Adbglobal Dv2210 Firmware -
Adbglobal Vv2220 Firmware -
Adbglobal Vv5522 Firmware -
Adbglobal Prg Av4202n Firmware -
1 EDB exploit
505
VMScore
CVE-2018-13109
All ADB broadband gateways / routers based on the Epicentro platform are affected by an authorization bypass vulnerability where attackers are able to access and manipulate settings within the web interface that are forbidden to end users (e.g., by the ISP). An attacker would be ...
Adbglobal Dv2210 Firmware -
Adbglobal Vv2220 Firmware -
Adbglobal Vv5522 Firmware -
Adbglobal Prg Av4202n Firmware -
1 EDB exploit
505
VMScore
CVE-2005-4550
The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote malicious users to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00).
Oracle Application Server Discussion Forum Portlet
1 EDB exploit
445
VMScore
CVE-2019-15045
AjaxDomainServlet in Zoho ManageEngine ServiceDesk Plus 10 allows User Enumeration. NOTE: the vendor's position is that this is intended functionality
Zohocorp Manageengine Servicedesk Plus
445
VMScore
CVE-2019-15046
Zoho ManageEngine ServiceDesk Plus 10 prior to 10509 allows unauthenticated sensitive information leakage during Fail Over Service (FOS) replication, aka SD-79989.
Zohocorp Manageengine Servicedesk Plus
312
VMScore
CVE-2005-4189
Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith H3 prior to 2.0.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Calendar name field when creating calendars, (2) event title field when deleting events, the (3) Category a...
Horde Kronolith H3 2.0 Rc2
Horde Kronolith H3 2.0 Rc1
Horde Kronolith H3 2.0.4
Horde Kronolith H3 2.0
Horde Kronolith H3 2.0.2 Rc1
Horde Kronolith H3 2.0.5
Horde Kronolith H3 2.0 Rc3
Horde Kronolith H3 2.0.3
Horde Kronolith H3 2.0.1
Horde Kronolith H3 2.0.2
Horde Kronolith H3 2.0.4 Rc1
Horde Kronolith H3 2.0 Alpha
Horde Kronolith H3 2.0.3 Rc1
Horde Kronolith H3 2.0 Beta
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started