Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unauthorized vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2019-1647
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, adjacent malicious user to bypass authentication and have direct unauthorized access to other vSmart containers. The vulnerability is due to an insecure default configuration of the affected system. An att...
Cisco Sd-wan
Cisco Vsmart Controller -
505
VMScore
CVE-2007-6056
frame.html in Aida-Web (Aida Web) allows remote malicious users to bypass a protection mechanism and obtain comment and task details via modified values to the (1) Mehr and (2) SUPER parameters.
Aida-orga Aida-web
1 EDB exploit
725
VMScore
CVE-2003-1358
rs.F300 for HP-UX 10.0 up to and including 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.
Hp Hp-ux 10.16
Hp Hp-ux 10.20
Hp Hp-ux 11.04
Hp Hp-ux 11.11
Hp Hp-ux 10.09
Hp Hp-ux 10.10
Hp Hp-ux 11.0.4
Hp Hp-ux 11.00
Hp Hp-ux 10.00
Hp Hp-ux 10.24
Hp Hp-ux 10.26
Hp Hp-ux 11.20
Hp Hp-ux 11.22
Hp Hp-ux 10.01
Hp Hp-ux 10.08
Hp Hp-ux 10.30
Hp Hp-ux 10.34
1 EDB exploit
890
VMScore
CVE-2017-6713
A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote malicious user to gain full access to the affected system. The vulnerability is due to static, default credentials for the Cisco ESC UI that are shared between ...
Cisco Elastic Services Controller 2.0
Cisco Elastic Services Controller 1.1.0
Cisco Elastic Services Controller 2.2.0
Cisco Elastic Services Controller 1.0.0
Cisco Elastic Services Controller 2.3.0
Cisco Elastic Services Controller 2.1.0
755
VMScore
CVE-2002-0589
PVote prior to 1.9 allows remote malicious users to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password.
Steve Korbett Pvote 1.0a
Steve Korbett Pvote 1.0b
Steve Korbett Pvote 1.5
Steve Korbett Pvote 1.0
1 EDB exploit
755
VMScore
CVE-2007-1156
JBrowser allows remote malicious users to bypass authentication and access certain administrative capabilities via a direct request for _admin/.
Man Machine Systems Jbrowser
1 EDB exploit
645
VMScore
CVE-2001-0283
Directory traversal vulnerability in SunFTP build 9 allows remote malicious users to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT.
Sun Sun Ftp Build 9
1 EDB exploit
356
VMScore
CVE-2016-1477
Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891.
Cisco Connected Streaming Analytics 1.1.1 Base
605
VMScore
CVE-2007-5918
Cross-site request forgery (CSRF) vulnerability in edit.php in the MS TopSites add-on for PHP-Nuke does not verify that the uname parameter matches the current account, which allows remote authenticated users to change arbitrary accounts or change the SiteTitleName field as an ar...
Ms Topsites Ms Topsites
1 EDB exploit
409
VMScore
CVE-2001-0567
Digital Creations Zope 2.3.2 and previous versions allows a local malicious user to gain additional privileges via the changing of ZClass permission mappings for objects and methods in the ZClass.
Zope Zope 7.1
Zope Zope 7.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »