Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pedro andujar vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-4727
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote malicious users to obtain sensitive information via a request to Admin/top.aspx.
Ddsn Cm3 Acora Content Management System 6.0.6\\/1a
Ddsn Cm3 Acora Content Management System 6.0.2\\/1a
Ddsn Cm3 Acora Content Management System 5.5.7\\/12b
Ddsn Cm3 Acora Content Management System 5.5.0\\/1b-p1
1 EDB exploit
7.5
CVSSv2
CVE-2013-4091
The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 does not have an off autocomplete attribute for the password (aka j_password) field on the secsphLogin.jsp login page, which makes it easier for remote malicious users to obtain access by ...
Imperva Securesphere 9.0.0.5
1 EDB exploit
5
CVSSv2
CVE-2013-4092
The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows context-dependent malicious users to obtain sensitive information by leveraging the presence of (1) a session ID in the jsessionid field to secsphLogin.jsp or (2) credentials in the...
Imperva Securesphere 9.0.0.5
1 EDB exploit
5
CVSSv2
CVE-2013-4093
The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote malicious users to obtain sensitive information via (1) a direct request to dwr/call/plaincall/AsyncOperationsContainer.getOperationState.dwr, which reveals the installation ...
Imperva Securesphere 9.0.0.5
1 EDB exploit
6.5
CVSSv2
CVE-2013-4095
plain/actionsets.html in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a [command].value field in conjunction with an [arguments].value field.
Imperva Securesphere 9.0.0.5
1 EDB exploit
9
CVSSv2
CVE-2013-4096
ServerAdmin/TestTelnetConnection.jsp in DS3 Authentication Server allows remote authenticated users to execute arbitrary commands via shell metacharacters in the HOST_NAME field.
Ds3 Authentication Server -
1 EDB exploit
5
CVSSv2
CVE-2013-4097
ServerAdmin/TestDRConnection.jsp in DS3 Authentication Server allows remote malicious users to obtain sensitive information via a direct request, which reveals the installation path in a -REG-E-OPEN error message.
Ds3 Authentication Server -
1 EDB exploit
5
CVSSv2
CVE-2013-4098
ServerAdmin/ErrorViewer.jsp in DS3 Authentication Server allow remote malicious users to inject arbitrary error-page text via the message parameter.
Ds3 Authentication Server -
1 EDB exploit
4.3
CVSSv2
CVE-2013-4722
Multiple cross-site scripting (XSS) vulnerabilities in Admin/login/default.asp in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions allow remote malicious users to inject arbitrary web script or HTML via the (1) username, (2) u...
Ddsn Cm3 Acora Content Management System 6.0.6\\/1a
Ddsn Cm3 Acora Content Management System 6.0.2\\/1a
Ddsn Cm3 Acora Content Management System 5.5.7\\/12b
Ddsn Cm3 Acora Content Management System 5.5.0\\/1b-p1
5.8
CVSSv2
CVE-2013-4723
Open redirect vulnerability in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the l parameter to track.aspx.
Ddsn Cm3 Acora Content Management System 5.5.7\\/12b
Ddsn Cm3 Acora Content Management System 5.5.0\\/1b-p1
Ddsn Cm3 Acora Content Management System 6.0.6\\/1a
Ddsn Cm3 Acora Content Management System 6.0.2\\/1a
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »