Vulmon
super vulnerabilities and exploits
9.9
CVSSv3
CVE-2018-20162
Digi TransPort LR54 4.4.0.26 and possibly earlier devices have Improper Input Validation that allows users with 'super' CLI access privileges to bypass a restricted shell and execute arbitrary commands as root.
Digi Transport Lr54 Firmware
1 Github repository
9.8
CVSSv3
CVE-2023-5604
The Asgaros Forum WordPress plugin prior to 2.7.1 allows forum administrators, who may not be WordPress (super-)administrators, to set insecure configuration that allows unauthenticated users to upload dangerous files (e.g. .php, .phtml), potentially leading to remote code execut...
Asgaros Asgaros Forum
9.8
CVSSv3
CVE-2023-41294
The DP module has a service hijacking vulnerability. Successful exploitation of this vulnerability may affect some Super Device services.
Huawei Harmonyos 2.1.0
9.8
CVSSv3
CVE-2023-38912
SQL injection vulnerability in Super Store Finder PHP Script v.3.6 allows a remote malicious user to execute arbitrary code via a crafted payload to the username parameter.
Superstorefinder Php Script 3.6
9.8
CVSSv3
CVE-2023-41507
Super Store Finder v3.6 contains multiple SQL injection vulnerabilities in the store locator component via the products, distance, lat, and lng parameters.
Superstorefinder Super Store Finder 3.6
1 Github repository
9.8
CVSSv3
CVE-2023-41508
A hard coded password in Super Store Finder v3.6 allows malicious users to access the administration panel.
Superstorefinder Super Store Finder 3.6
1 Github repository
9.8
CVSSv3
CVE-2023-3751
A vulnerability was found in Super Store Finder 3.6. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php of the component POST Parameter Handler. The manipulation of the argument products leads to sql injection. The ...
Superstorefinder Super Store Finder 3.6
9.8
CVSSv3
CVE-2023-27192
An issue found in DUALSPACE Super Security v.2.3.7 allows a malicious user to cause a denial of service via the key_wifi_safe_net_check_url, KEY_Cirus_scan_whitelist and KEY_AD_NEW_USER_AVOID_TIME parameters.
Dualspace Super Security 2.3.7
9.8
CVSSv3
CVE-2022-47767
A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administration privileges to the attacker. This affects all Solar-Log devices that use firmware version v4.2.7 up to v5.1.1 (included).
Solar-log Solar-log 250 Firmware
Solar-log Solar-log 300 Firmware
Solar-log Solar-log 500 Firmware
Solar-log Solar-log 800e Firmware
Solar-log Solar-log 1000 Firmware
Solar-log Solar-log 1000 Pm+ Firmware
Solar-log Solar-log 1200 Firmware
Solar-log Solar-log 2000 Firmware
Solar-log Solar-log 50 Firmware
9.8
CVSSv3
CVE-2022-45778
https://www.hillstonenet.com.cn/ Hillstone Firewall SG-6000 <= 5.0.4.0 is vulnerable to Incorrect Access Control. There is a permission bypass vulnerability in the Hillstone WEB application firewall. An attacker can enter the background of the firewall with super administrator...
Hillstonenet Sc-6000-wv02 Firmware
Hillstonenet Sc-6000-wv04 Firmware
Hillstonenet Sc-6000-wv08 Firmware
Hillstonenet Sc-6000-wv12 Firmware