Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metasploit.com vulnerabilities and exploits
(subscribe to this query)
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed an other room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
10
CVSSv3
CVE-2024-3400
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated malicious user to execute arbitrary code with...
Paloaltonetworks Pan-os 10.2.7
Paloaltonetworks Pan-os 10.2.2
Paloaltonetworks Pan-os 10.2.6
Paloaltonetworks Pan-os 10.2.5
Paloaltonetworks Pan-os 10.2.3
Paloaltonetworks Pan-os 10.2.4
Paloaltonetworks Pan-os 10.2.1
Paloaltonetworks Pan-os 10.2.0
Paloaltonetworks Pan-os 10.2.9
Paloaltonetworks Pan-os 11.1.1
Paloaltonetworks Pan-os 11.0.2
Paloaltonetworks Pan-os 11.1.0
Paloaltonetworks Pan-os 11.1.2
Paloaltonetworks Pan-os 11.0.4
Paloaltonetworks Pan-os 11.0.3
Paloaltonetworks Pan-os 11.0.0
Paloaltonetworks Pan-os 11.0.1
Paloaltonetworks Pan-os 10.2.8
42 Github repositories
7 Articles
NA
CVE-2024-30850
An issue in tiagorlampert CHAOS v5.0.1 allows a remote malicious user to execute arbitrary code via the BuildClient function within client_service.go
NA
CVE-2024-31819
An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote malicious user to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.
1 Github repository
NA
CVE-2024-28741
Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote malicious user to execute arbitrary code via the login.php component.
1 Github repository
NA
CVE-2024-2389
In Flowmon versions before 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified. An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands.
1 Github repository
1 Article
NA
CVE-2024-24725
Gibbon up to and including 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the modules/System%20Admin/import_run.php&type=externalAssessment&step=4 URI.
1 Metasploit module
NA
CVE-2024-2054
The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user.
1 Metasploit module
1 Github repository
9.8
CVSSv3
CVE-2023-48788
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 up to and including 7.2.2, FortiClientEMS 7.0.1 up to and including 7.0.10 allows malicious user to execute unauthorized code or commands via ...
Fortinet Forticlient Enterprise Management Server
6 Github repositories
4 Articles
9.8
CVSSv3
CVE-2024-27198
In JetBrains TeamCity prior to 2023.11.4 authentication bypass allowing to perform admin actions was possible
Jetbrains Teamcity
1 Metasploit module
14 Github repositories
6 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »