Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
noman riffat vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-18951
SibSoft Xfilesharing up to and including 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files.
Sibsoft Xfilesharing
1 EDB exploit
7.5
CVSSv2
CVE-2019-16399
Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an malicious user to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and login with the default root pa...
Westerndigital Wd My Book Firmware
1 EDB exploit
7.5
CVSSv2
CVE-2017-17098
The writeLog function in fn_common.php in gps-server.net GPS Tracking Software (self hosted) up to and including 3.0 allows remote malicious users to inject arbitrary PHP code via a crafted request that is mishandled during admin log viewing, as demonstrated by <?php system($_...
Gps-server Gps Tracking Software
1 EDB exploit
5
CVSSv2
CVE-2017-17097
gps-server.net GPS Tracking Software (self hosted) 2.x has a password reset procedure that immediately resets passwords upon an unauthenticated request, and then sends e-mail with a predictable (date-based) password to the admin, which makes it easier for remote malicious users t...
Gps-server Gps Tracking Software 2.5.9
Gps-server Gps Tracking Software 2.5.8
Gps-server Gps Tracking Software 2.5.7
Gps-server Gps Tracking Software 2.5.5
Gps-server Gps Tracking Software 2.1.7
Gps-server Gps Tracking Software 2.1.6
Gps-server Gps Tracking Software 2.1.5
Gps-server Gps Tracking Software 2.1.4
Gps-server Gps Tracking Software 2.8.5
Gps-server Gps Tracking Software 2.7
Gps-server Gps Tracking Software 2.4.5
Gps-server Gps Tracking Software 2.3.5
Gps-server Gps Tracking Software 2.2.2
Gps-server Gps Tracking Software 2.2
Gps-server Gps Tracking Software 2.1.8
Gps-server Gps Tracking Software 2.1.3
Gps-server Gps Tracking Software 2.1.1
Gps-server Gps Tracking Software 2.9.1
Gps-server Gps Tracking Software 2.9
Gps-server Gps Tracking Software 2.3.2
Gps-server Gps Tracking Software 2.3
Gps-server Gps Tracking Software 2.2.7
1 EDB exploit
7.5
CVSSv2
CVE-2019-18952
SibSoft Xfilesharing up to and including 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP.
Sibsoft Xfilesharing
7.5
CVSSv2
CVE-2018-9248
FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via a "Cookie: Name=0admin" header.
Fiberhome Vdsl2 Modem Hg 150-ub Firmware -
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started