Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osanda malith vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2017-8912
CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTag functions. NOTE: the vendor reportedly has stated this is "a feature, not ...
Cmsmadesimple Cms Made Simple 2.1.6
1 EDB exploit
7.8
CVSSv2
CVE-2014-4018
The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a default password of admin for the admin account, which makes it easier for remote malicious users to obtain access via unspecified vectors.
Zte Zxv10 W300 Firmware 1.0.0a Zrd Lk
Zte Zxv10 W300 -
1 EDB exploit
5
CVSSv2
CVE-2014-4019
ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote malicious users to read backup files via a direct request for rom-0.
Zte Zxv10 W300 Firmware W300v1.0.0a Zrd Lk
1 EDB exploit
5
CVSSv2
CVE-2014-4154
ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain the PPPoE/PPPoA password via a direct request for basic/tc2wanfun.js.
Zte Zxv10 W300 Firmware 1.0.0a Zrd Lk
Zte Zxv10 W300 -
1 EDB exploit
6.8
CVSSv2
CVE-2014-4155
Cross-site request forgery (CSRF) vulnerability in the ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK allows remote malicious users to hijack the authentication of administrators for requests that change the admin password via a request to Forms/tools_admin_1.
Zte Zxv10 W300 Firmware 1.0.0a Zrd Lk
Zte Zxv10 W300 -
1 EDB exploit
9.3
CVSSv2
CVE-2018-14327
The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40VB 4G mobile broadband modems with firmware before EE40_00_02.00_45 sets weak permissions (Everyone:Full Control) for the "Web Connecton\EE40" and "Web Connecton\EE40\BackgroundService" direc...
Ee Ee40vb Firmware
1 EDB exploit
7.2
CVSSv2
CVE-2015-2667
Untrusted search path vulnerability in GNS3 1.2.3 allows local users to gain privileges via a Trojan horse uuid.dll in an unspecified directory.
Gns3 Gns3 1.2.3
4.6
CVSSv2
CVE-2014-8494
ESTsoft ALUpdate 8.5.1.0.0 uses weak permissions (Users: Full Control) for the (1) AlUpdate folder and (2) AlUpdate.exe, which allows local users to gain privileges via a Trojan horse file.
Estsoft Alupdate 8.5.1.0.0
6.9
CVSSv2
CVE-2014-1680
Untrusted search path vulnerability in Bandisoft Bandizip prior to 3.10 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory.
Bandisoft Bandizip 3.06
Bandisoft Bandizip 3.05
Bandisoft Bandizip
Bandisoft Bandizip 3.02
Bandisoft Bandizip 3.01
Bandisoft Bandizip 3.00
Bandisoft Bandizip 3.04
Bandisoft Bandizip 3.03
Bandisoft Bandizip 3.08
Bandisoft Bandizip 3.07
4.4
CVSSv2
CVE-2014-3860
Xilisoft Video Converter Ultimate 7.8.1 build-20140505 has a DLL Hijacking vulnerability
Xilisoft Video Converter 7.8.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »