Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unauthorized vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2004-2636
TinyWeb 1.9 allows remote malicious users to read source code of scripts via "/./" in the URL.
1 EDB exploit
445
VMScore
CVE-2015-2073
The File RepositoRy Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote malicious users to read arbitrary files via a full pathname, aka SAP Note 2018682.
Sap Businessobjects Edge 4.0
445
VMScore
CVE-2017-6629
A vulnerability in the ImageID parameter of Cisco Unity Connection 10.5(2) could allow an unauthenticated, remote malicious user to access files in arbitrary locations on the filesystem of an affected device. The issue is due to improper sanitization of user-supplied input in HTT...
Cisco Unity Connection 10.5\\(2\\)
187
VMScore
CVE-2017-6693
A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local malicious user to access information stored in the file system of an affected system, aka Unauthorized Directory Access. More Information: CSCvd76286. Known Aff...
Cisco Elastic Services Controller 2.2\\(9.76\\)
Cisco Elastic Services Controller 2.3\\(1\\)
578
VMScore
CVE-2015-6417
Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.4.0 and previous versions does not always use RBAC for backend database access, which allows remote authenticated users to read or write to database entries via (1) the GUI or (2) a crafted HTTP request, aka Bug ID CS...
Cisco Videoscape Distribution Suite Service Manager 3.4.0
Cisco Videoscape Distribution Suite Service Manager 3.2.0
Cisco Videoscape Distribution Suite Service Manager 3.0.0
Cisco Videoscape Distribution Suite Service Manager 3.1.0
Cisco Videoscape Distribution Suite Service Manager 3.3.0
294
VMScore
CVE-2019-1805
A vulnerability in certain access control mechanisms for the Secure Shell (SSH) server implementation for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent malicious user to access a CLI instance on an affected device. The vulnerability is due ...
Cisco Wireless Lan Controller Software 8.3\\(141.0\\)
890
VMScore
CVE-2014-0721
The Cisco Unified SIP Phone 3905 with firmware prior to 9.4(1) allows remote malicious users to obtain root access via a session on the test interface on TCP port 7870, aka Bug ID CSCuh75574.
Cisco Unified Sip Phone 3905 -
755
VMScore
CVE-2001-1188
mailto.exe in Brian Dorricott MAILTO 1.0.9 and previous versions allows remote malicious users to send SPAM e-mail through remote servers by modifying the sendto, email, server, subject, and resulturl hidden form fields.
Brian Dorricott Mailto 1.0.7
Brian Dorricott Mailto 1.0.8
Brian Dorricott Mailto 1.0.9
1 EDB exploit
505
VMScore
CVE-2000-0705
ntop running in web mode allows remote malicious users to read arbitrary files via a .. (dot dot) attack.
Luca Deri Ntop 1.2a7 9
1 EDB exploit
668
VMScore
CVE-2018-0130
A vulnerability in the use of JSON web tokens by the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote malicious user to gain administrative access to an affected system. The vulnerability is due to the presence of stati...
Cisco Virtual Managed Services 3.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »