Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
patrick hener vulnerabilities and exploits
(subscribe to this query)
756
VMScore
CVE-2020-14293
conf_datetime in Secudos DOMOS 5.8 allows remote malicious users to execute arbitrary commands as root via shell metacharacters in the zone field (obtained from the web interface).
Secudos Domos
1 Github repository
383
VMScore
CVE-2020-14294
An issue exists in Secudos Qiata FTA 1.70.19. The comment feature allows persistent XSS that is executed when reading transfer comments or the global notice board.
Secudos Qiata Fta
1 Github repository
668
VMScore
CVE-2020-15492
An issue exists in INNEO Startup TOOLS 2017 M021 12.0.66.3784 through 2018 M040 13.0.70.3804. The sut_srv.exe web application (served on TCP port 85) includes user input into a filesystem access without any further validation. This might allow an unauthenticated malicious user to...
Inneo Startup Tools
1 Github repository
NA
CVE-2023-22855
Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method (Path.Combine from .NET) without proper sanitisation. This yields the possibility of includ...
Kardex Kardex Control Center 5.7.12\\+0-a203c2a213-master
2 Github repositories
383
VMScore
CVE-2021-44829
Cross Site Scripting (XSS) vulnerability exists in index.html in AFI WebACMS up to and including 2.1.0 via the the ID parameter.
Afi-solutions Webacms
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started