Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ramikan vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-17504
An issue exists in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. A reflected Cross-site scripting (XSS) vulnerability allows remote malicious users to inject arbitrary web script via the /osm/report/ password parameter.
Kirona Dynamic Resource Scheduling 5.5.3.5
1 EDB exploit
6.1
CVSSv3
CVE-2019-9592
A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Connect ONSITE 19.45.1602.0 allows remote malicious users to inject arbitrary web script or HTML via the url parameter.
Mitel Connect Onsite 19.45.1602.0
1 EDB exploit
6.1
CVSSv3
CVE-2019-9593
A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Connect ONSITE 18.82.2000.0 allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Mitel Connect Onsite 18.82.2000.0
1 EDB exploit
6.1
CVSSv3
CVE-2019-9591
A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Connect ONSITE prior to 19.49.1500.0 allows remote malicious users to inject arbitrary web script or HTML via the brandUrl parameter.
Mitel Connect Onsite
1 EDB exploit
5.3
CVSSv3
CVE-2019-17503
An issue exists in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes...
Kirona Dynamic Resource Scheduling 5.5.3.5
1 EDB exploit
6.1
CVSSv3
CVE-2019-10887
A reflected HTML injection vulnerability on Salicru SLC-20-cube3(5) devices running firmware version cs121-SNMP v4.54.82.130611 allows remote malicious users to inject arbitrary HTML elements via a /DataLog.csv?log= or /AlarmLog.csv?log= or /waitlog.cgi?name= or /chart.shtml?data...
Salicru Slc-20-cube3\\(5\\) Cs121-snmp 4.54.82.130611
1 EDB exploit
6.1
CVSSv3
CVE-2019-1943
A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote malicious user to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an ...
Cisco Sg200-50 Firmware -
Cisco Sg200-50p Firmware -
Cisco Sg200-50fp Firmware -
Cisco Sg200-26 Firmware -
Cisco Sg200-26p Firmware -
Cisco Sg200-26fp Firmware -
Cisco Sg200-18 Firmware -
Cisco Sg200-10fp Firmware -
Cisco Sg200-08 Firmware -
Cisco Sg200-08p Firmware -
Cisco Sf200-24 Firmware -
Cisco Sf200-24p Firmware -
Cisco Sf200-24fp Firmware -
Cisco Sf200-48 Firmware -
Cisco Sf200-48p Firmware -
Cisco Sf302-08pp Firmware 1.3.7.18
Cisco Sf302-08mpp Firmware 1.3.7.18
Cisco Sg300-10pp Firmware 1.3.7.18
Cisco Sg300-10mpp Firmware 1.3.7.18
Cisco Sf300-24pp Firmware 1.3.7.18
Cisco Sf300-48pp Firmware 1.3.7.18
Cisco Sg300-28pp Firmware 1.3.7.18
1 EDB exploit
6.1
CVSSv3
CVE-2021-20031
A Host Header Redirection vulnerability in SonicOS potentially allows a remote malicious user to redirect firewall management users to arbitrary web domains.
Sonicwall Sonicos
8.6
CVSSv3
CVE-2019-16645
An issue exists in Embedthis GoAhead 2.5.0. Certain pages (such as goform/login and config/log_off_page.htm) create links containing a hostname obtained from an arbitrary HTTP Host header sent by an attacker. This could potentially be used in a phishing attack.
Embedthis Goahead 2.5.0
1 EDB exploit
6.1
CVSSv3
CVE-2020-25901
Host Header Injection in Spiceworks 7.5.7.0 allowing the malicious user to render arbitrary links that point to a malicious website with poisoned Host header webpages.
Spiceworks Spiceworks 7.5.7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »