Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
r vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2021-21925
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘firm_filter’ parameter.
Advantech R-seenet 2.4.15
356
VMScore
CVE-2021-21931
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at‘ stat_filter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.
Advantech R-seenet 2.4.15
356
VMScore
CVE-2021-21933
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘esn_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
Advantech R-seenet 2.4.15
NA
CVE-2023-5642
Advantech R-SeeNet v2.4.23 allows an unauthenticated remote malicious user to read from and write to the snmpmon.ini file, which contains sensitive information.
Advantech R-seenet 2.4.23
641
VMScore
CVE-2021-21912
A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malici...
Advantech R-seenet 2.4.15
578
VMScore
CVE-2021-21917
An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at '‘ord’ parameter. An attacker can make authenticated HTTP requests to trigger this vulnerabili...
Advantech R-seenet 2.4.15
356
VMScore
CVE-2021-21926
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘health_filter’ parameter.
Advantech R-seenet 2.4.15
356
VMScore
CVE-2021-21932
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘name_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
Advantech R-seenet 2.4.15
755
VMScore
CVE-2006-3917
PHP remote file inclusion vulnerability in inc/gabarits.php in R. Corson PHP Forge 3 beta 2 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the cfg_racine parameter.
R. Corson Php Forge
1 EDB exploit
383
VMScore
CVE-2005-4237
Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keyword parameter in the SearchZoom module.
Servers-r-us Mysqlauction
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »