Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
log injection vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-44966
SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.2 via index.php. An attacker can log in as an admin account of this system and can destroy, change or manipulate all sensitive information on the system.
Phpgurukul Employee Record Management System 1.2
10
CVSSv2
CVE-2019-1935
A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote malicious user to log in to the CLI of an affected system by using the SCP User account (scpuser), wh...
Cisco Integrated Management Controller Supervisor
Cisco Integrated Management Controller Supervisor 2.1.0.0
Cisco Ucs Director 6.7(0.0.67265)
Cisco Ucs Director 6.0.0.0
Cisco Ucs Director 6.5.0.0
Cisco Ucs Director 6.6.0.0
Cisco Ucs Director 6.6.1.0
Cisco Ucs Director 6.7.0.0
Cisco Ucs Director 6.7.1.0
Cisco Ucs Director Express For Big Data 3.6.0.0
Cisco Ucs Director Express For Big Data 3.0.0.0
Cisco Ucs Director Express For Big Data 3.5.0.0
Cisco Ucs Director Express For Big Data 3.7.0.0
Cisco Ucs Director Express For Big Data 3.7.1.0
1 EDB exploit
1 Article
10
CVSSv2
CVE-2016-10817
cPanel prior to 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file (SEC-123).
Cpanel Cpanel
10
CVSSv2
CVE-2017-6900
An issue exists in Riello NetMan 204 14-2 and 15-2. The issue is with the login script and wrongpass Python script used for authentication. When calling wrongpass, the variables $VAL0 and $VAL1 should be enclosed in quotes to prevent the potential for Bash command injection. Furt...
Riello-ups Netman 204 Firmware 14-2
Riello-ups Netman 204 Firmware 15-2
10
CVSSv2
CVE-2017-18369
The Billion 5200W-T 1.02b.rc5.dt49 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the adv_remotelog.asp page and can be exploited through ...
Billion 5200w-t Firmware 1.02b
10
CVSSv2
CVE-2017-18368
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the ViewLog.asp page and...
Billion 5200w-t Firmware 7.3.8.0
Zyxel P660hn-t1a V2 Firmware 7.3.15.0
Zyxel P660hn-t1a V1 Firmware 7.3.15.0
10
CVSSv2
CVE-2017-12928
A hard-coded password of tecn0visi0n for the dlxuser account in TecnoVISION DLX Spot Player4 (all known versions) allows remote malicious users to log in via SSH and escalate privileges to root access with the same credentials.
Tecnovision Dlx Spot Player4 -
1 Github repository
10
CVSSv2
CVE-2017-12785
The novish command-line interface, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, is prone to a buffer overflow in the "show log cli" command. This could be used by a read-only user (monitor role) to gain privileged ...
Noviflow Noviware
1 EDB exploit
10
CVSSv2
CVE-2017-3222
Hard-coded credentials in AmosConnect 8 allow remote malicious users to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges by abusing AmosConnect Task Manager.
Inmarsat Amosconnect 8.0
Inmarsat Amosconnect 8.0.1
Inmarsat Amosconnect 8.0.2
Inmarsat Amosconnect 8.2.0
Inmarsat Amosconnect 8.2.1
Inmarsat Amosconnect 8.2.2
Inmarsat Amosconnect 8.3.0
Inmarsat Amosconnect 8.3.1
Inmarsat Amosconnect 8.4.0
Inmarsat Amosconnect 8.4.0.1
10
CVSSv2
CVE-2016-5674
__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 up to and including 3.0.0, NUUO NVRsolo 1.7.5 up to and including 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 up to and including 1.4.1 allows remote malicious users to execute arbitrary PHP code via the log parameter.
Netgear Readynas Surveillance 1.4.0
Netgear Readynas Surveillance 1.1.1
Netgear Readynas Surveillance 1.2.0.4
Netgear Readynas Surveillance 1.4.2
Netgear Readynas Surveillance 1.3.2.14
Netgear Readynas Surveillance 1.4.1
Netgear Readynas Surveillance 1.3.2.4
Netgear Readynas Surveillance 1.1.2
Nuuo Nvrmini 2 2.0.0
Nuuo Nvrmini 2 1.7.5
Nuuo Nvrmini 2 1.7.6
Nuuo Nvrmini 2 2.2.1
Nuuo Nvrmini 2 3.0.0
Nuuo Nvrsolo 2.0.0
Nuuo Nvrsolo 2.3.1.20
Nuuo Nvrsolo 3.0.0
Nuuo Nvrsolo 2.3.7.9
Nuuo Nvrsolo 2.3
Nuuo Nvrsolo 2.3.7.10
Nuuo Nvrsolo 2.3.9.6
Nuuo Nvrsolo 2.0.1
Nuuo Nvrsolo 2.2.2
1 EDB exploit
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »