Vulmon
sid vulnerabilities and exploits
10
CVSSv2
CVE-2021-46308
An SQL Injection vulnerability exists in Sourcecodester Online Railway Reservation System 1.0 via the sid parameter.
Online Railway Reservation System Project Online Railway Reservation System 1.0
10
CVSSv2
CVE-2020-29659
A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous malicious user to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= attack.
Flexense Dupscout 10.0.18
10
CVSSv2
CVE-2020-25223
A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11
Sophos Unified Threat Management
Sophos Unified Threat Management 9.511
Sophos Unified Threat Management 9.607
Sophos Unified Threat Management 9.705
3 Github repositories
10
CVSSv2
CVE-2020-6287
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the...
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
1 Metasploit module
9 Github repositories
2 Articles
10
CVSSv2
CVE-2020-7980
Intellian Aptus Web 1.24 allows remote malicious users to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed.
Intelliantech Aptus Web 1.24
1 Github repository
10
CVSSv2
CVE-2019-11448
An issue exists in Zoho ManageEngine Applications Manager 11.0 up to and including 14.0. An unauthenticated user can gain the authority of SYSTEM on the server due to a Popup_SLA.jsp sid SQL injection vulnerability. For example, the attacker can subsequently write arbitrary text ...
Zohocorp Manageengine Applications Manager
10
CVSSv2
CVE-2017-7376
Buffer overflow in libxml2 allows remote malicious users to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.
Xmlsoft Libxml2
Google Android 7.1.2
Google Android 5.0.2
Google Android 6.0.1
Google Android 6.0
Google Android 4.4.4
Google Android 7.0
Google Android 5.1.1
Google Android 7.1.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 Github repository
10
CVSSv2
CVE-2016-2099
Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and previous versions allows context-dependent malicious users to have unspecified impact via an invalid character in an XML document.
Apache Xerces-c++
Opensuse Opensuse 13.2
10
CVSSv2
CVE-2015-0857
Cool Projects TarDiff allows remote malicious users to execute arbitrary commands via shell metacharacters in the name of a (1) tar file or (2) file within a tar file.
Tardiff Project Tardiff -
Debian Debian Linux 8.0
10
CVSSv2
CVE-2016-4422
The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth might allow context-dependent malicious users to bypass authentication or gain privileges via a system user account.
Libpam-sshauth Project Libpam-sshauth -
Debian Debian Linux 8.0