Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
remote vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-1491
Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote malicious users to execute arbitrary code via a long string to TCP port 623.
Asus Remote Console 2.0.0.19
Asus Remote Console 2.0.0.24
2 EDB exploits
4.3
CVSSv2
CVE-2021-36755
Nightscout Web Monitor (aka cgm-remote-monitor) 14.2.2 allows XSS via a crafted X-Forwarded-For header.
Cgm-remote-monitor Project Cgm-remote-monitor 14.2.2
5
CVSSv2
CVE-2019-18864
/server-info and /server-status in Blaauw Remote Kiln Control through v3.00r4 allow an unauthenticated malicious user to gain sensitive information about the host machine.
Blaauwproducts Remote Kiln Control 3.0.0
Blaauwproducts Remote Kiln Control
5
CVSSv2
CVE-2019-18865
Information disclosure via error message discrepancies in authentication functions in Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated malicious user to enumerate valid usernames.
Blaauwproducts Remote Kiln Control
Blaauwproducts Remote Kiln Control 3.0.0
5
CVSSv2
CVE-2019-18866
Unauthenticated SQL injection via the username in the login mechanism in Blaauw Remote Kiln Control through v3.00r4 allows a user to extract arbitrary data from the rkc database.
Blaauwproducts Remote Kiln Control 3.0.0
Blaauwproducts Remote Kiln Control
5
CVSSv2
CVE-2019-18868
Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated malicious user to access MySQL credentials in cleartext in /engine/db.inc, /lang/nl.bak, or /lang/en.bak.
Blaauwproducts Remote Kiln Control 3.0.0
Blaauwproducts Remote Kiln Control
7.5
CVSSv2
CVE-2019-18869
Leftover Debug Code in Blaauw Remote Kiln Control through v3.00r4 allows a user to execute arbitrary php code via /default.php?idx=17.
Blaauwproducts Remote Kiln Control
Blaauwproducts Remote Kiln Control 3.0.0
4
CVSSv2
CVE-2019-18870
A path traversal via the iniFile parameter in excel.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated malicious user to download arbitrary files from the host machine.
Blaauwproducts Remote Kiln Control
Blaauwproducts Remote Kiln Control 3.0.0
6.5
CVSSv2
CVE-2019-18871
A path traversal in debug.php accessed via default.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated malicious user to upload arbitrary files, leading to arbitrary remote code execution.
Blaauwproducts Remote Kiln Control 3.0.0
Blaauwproducts Remote Kiln Control
5
CVSSv2
CVE-2019-18872
Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set short or guessable passwords (e.g., 1 or 1234).
Blaauwproducts Remote Kiln Control 3.0.0
Blaauwproducts Remote Kiln Control
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »