Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
log injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-1018
logwatch.pl in Logwatch 7.3.6 allows remote malicious users to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.
Logwatch Logwatch 7.3.6
1 EDB exploit
NA
CVE-2003-0020
Apache does not filter terminal escape sequences from its error logs, which could make it easier for malicious users to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
Apache Http Server
9.8
CVSSv3
CVE-2018-15441
A vulnerability in the web framework code of Cisco Prime License Manager (PLM) could allow an unauthenticated, remote malicious user to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could ...
Cisco Prime License Manager
Cisco Prime License Manager 11.5\\(1\\)
5.4
CVSSv3
CVE-2022-39285
ZoneMinder is a free, open source Closed-circuit television software application The file parameter is vulnerable to a cross site scripting vulnerability (XSS) by backing out of the current "tr" "td" brackets. This then allows a malicious user to provide code ...
Zoneminder Zoneminder
6.5
CVSSv3
CVE-2022-39290
ZoneMinder is a free, open source Closed-circuit television software application. In affected versions authenticated users can bypass CSRF keys by modifying the request supplied to the Zoneminder web application. These modifications include replacing HTTP POST with an HTTP GET an...
Zoneminder Zoneminder
5.4
CVSSv3
CVE-2022-39291
ZoneMinder is a free, open source Closed-circuit television software application. Affected versions of zoneminder are subject to a vulnerability which allows users with "View" system permissions to inject new data into the logs stored by Zoneminder. This was observed th...
Zoneminder Zoneminder
7.8
CVSSv3
CVE-2019-1699
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local malicious user to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecti...
Cisco Firepower Management Center
NA
CVE-2003-1026
Internet Explorer 5.01 through 6 SP1 allows remote malicious users to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back (back) function is called, as demonstra...
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 5.0
Microsoft Internet Explorer 6.0
Microsoft Ie 6.0
1 EDB exploit
6.8
CVSSv3
CVE-2021-1452
A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical m...
Cisco Ios Xe Rom Monitor
7.8
CVSSv3
CVE-2019-1709
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local malicious user to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecti...
Cisco Firepower Threat Defense 6.2.0
Cisco Firepower Threat Defense 6.2.2
Cisco Firepower Threat Defense 6.0.0
Cisco Firepower Threat Defense 6.0.1
Cisco Firepower Threat Defense 6.1.0
Cisco Firepower Management Center 6.3.0
Cisco Firepower Threat Defense 6.2.1
Cisco Firepower Threat Defense 6.2.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »