Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-28701
ELITE TECHNOLOGY CORP. Web Fax has a vulnerability of SQL Injection. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to perform arbitrary system commands, disrupt service or terminate service.
Elite Webfax -
9.8
CVSSv3
CVE-2022-24627
An issue exists in AudioCodes Device Manager Express up to and including 7.8.20002.47752. It is an unauthenticated SQL injection in the p parameter of the process_login.php login form.
Audiocodes Device Manager Express
9.8
CVSSv3
CVE-2023-27388
Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated malicious user to login to the product as a registered user. Affected products and versions are as follows: T&D Corporation data logger produc...
Tandd Tr-71w Firmware
Tandd Tr-72w Firmware
Tandd Rtr-5w Firmware
Tandd Wdr-7 Firmware
Tandd Wdr-3 Firmware
Tandd Ws-2 Firmware
Especmic Rt-12n Firmware
Especmic Rs-12n Firmware
Especmic Rt-22bn Firmware
Especmic Teu-12n Firmware
9.8
CVSSv3
CVE-2023-25953
Code injection vulnerability in Drive Explorer for macOS versions 3.5.4 and previous versions allows an attacker who can login to the client where the affected product is installed to inject arbitrary code while processing the product execution. Since a full disk access privilege...
Worksmobile Drive Explorer
9.8
CVSSv3
CVE-2022-46738
The affected product exposes multiple sensitive data fields of the affected product. An attacker can use the SNMP command to get device mac address and login as admin.
Dataprobe Iboot-pdu4-n20 Firmware
Dataprobe Iboot-pdu4sa-n15 Firmware
Dataprobe Iboot-pdu4a-n15 Firmware
Dataprobe Iboot-pdu4sa-n20 Firmware
Dataprobe Iboot-pdu4a-n20 Firmware
Dataprobe Iboot-pdu8sa-n15 Firmware
Dataprobe Iboot-pdu8a-n15 Firmware
Dataprobe Iboot-pdu8sa-2n15 Firmware
Dataprobe Iboot-pdu8a-2n15 Firmware
Dataprobe Iboot-pdu8sa-n20 Firmware
Dataprobe Iboot-pdu8a-n20 Firmware
Dataprobe Iboot-pdu8a-2n20 Firmware
Dataprobe Iboot-pdu4-c20 Firmware
Dataprobe Iboot-pdu4a-c10 Firmware
Dataprobe Iboot-pdu4sa-c10 Firmware
Dataprobe Iboot-pdu8a-c10 Firmware
Dataprobe Iboot-pdu8sa-c10 Firmware
Dataprobe Iboot-pdu8a-2c20 Firmware
Dataprobe Iboot-pdu4sa-c20 Firmware
Dataprobe Iboot-pdu4a-c20 Firmware
Dataprobe Iboot-pdu8a-2c10 Firmware
Dataprobe Iboot-pdu8a-c20 Firmware
9.8
CVSSv3
CVE-2023-31062
Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 up to and including 1.6.0. When the attacker has access to a valid (but unprivileged) account, the exploit can be executed using Burp Suite by se...
Apache Inlong
9.8
CVSSv3
CVE-2023-2704
The BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.5. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated mali...
Vibethemes Bp Social Connect
9.8
CVSSv3
CVE-2023-2799
A vulnerability, which was classified as problematic, has been found in cnoa OA up to 5.1.1.5. Affected by this issue is some unknown functionality of the file /index.php?app=main&func=passport&action=login. The manipulation leads to use of hard-coded password. The exploi...
Cnoa Oa Project Cnoa Oa
9.8
CVSSv3
CVE-2023-27742
IDURAR ERP/CRM v1 exists to contain a SQL injection vulnerability via the component /api/login.
Idurar Project Idurar 1.0.0
1 Github repository
9.8
CVSSv3
CVE-2023-2499
The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.2.1.0. This is due to insufficient verification on the user being supplied during a Google social login through the plugin. This makes it possible for unauthentic...
Metagauss Registrationmagic
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »