Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
patrick hener vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-14294
An issue exists in Secudos Qiata FTA 1.70.19. The comment feature allows persistent XSS that is executed when reading transfer comments or the global notice board.
Secudos Qiata Fta
1 Github repository
668
VMScore
CVE-2020-15492
An issue exists in INNEO Startup TOOLS 2017 M021 12.0.66.3784 through 2018 M040 13.0.70.3804. The sut_srv.exe web application (served on TCP port 85) includes user input into a filesystem access without any further validation. This might allow an unauthenticated malicious user to...
Inneo Startup Tools
1 Github repository
756
VMScore
CVE-2020-14293
conf_datetime in Secudos DOMOS 5.8 allows remote malicious users to execute arbitrary commands as root via shell metacharacters in the zone field (obtained from the web interface).
Secudos Domos
1 Github repository
NA
CVE-2023-22855
Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method (Path.Combine from .NET) without proper sanitisation. This yields the possibility of includ...
Kardex Kardex Control Center 5.7.12\\+0-a203c2a213-master
2 Github repositories
383
VMScore
CVE-2021-44829
Cross Site Scripting (XSS) vulnerability exists in index.html in AFI WebACMS up to and including 2.1.0 via the the ID parameter.
Afi-solutions Webacms
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started