Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unauthorized vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-20861
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote malicious user to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the D...
Cisco Nexus Dashboard
NA
CVE-2007-6414
admin/administrator.php in Adult Script 1.6 and previous versions sends a redirect to the web browser but does not exit, which allows remote malicious users to bypass authentication and obtain administrative credentials via a direct request. NOTE: this can be leveraged for arbitr...
Adultscript Adultscript 1.6
1 EDB exploit
NA
CVE-2002-0995
login.php for PHPAuction allows remote malicious users to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table.
Gianluca Baldo Phpauction 1.2
Gianluca Baldo Phpauction 1.3
Gianluca Baldo Phpauction 2.0
Gianluca Baldo Phpauction 2.1
1 EDB exploit
NA
CVE-2005-1817
Invision Power Board (IPB) 1.0 up to and including 1.3 allows remote malicious users to edit arbitrary forum posts via a direct request to index.php with modified parameters.
Invision Power Services Invision Board 1.0
Invision Power Services Invision Board 1.0.1
Invision Power Services Invision Board 1.1.1
Invision Power Services Invision Board 1.1.2
Invision Power Services Invision Board 1.2
Invision Power Services Invision Board 1.3 Final
Invision Power Services Invision Board 1.3
1 EDB exploit
NA
CVE-2007-1156
JBrowser allows remote malicious users to bypass authentication and access certain administrative capabilities via a direct request for _admin/.
Man Machine Systems Jbrowser
1 EDB exploit
NA
CVE-2006-1213
JiRo's Banner System Experience and Professional 1.0 and previous versions allows remote malicious users to bypass access restrictions and gain privileges via a direct request to certain scripts in the files directory, as demonstrated by using addadmin.asp to create a new ad...
Jiro Banner System 1.0 Experience
Jiro Banner System 1.0 Professional
1 EDB exploit
NA
CVE-2001-0283
Directory traversal vulnerability in SunFTP build 9 allows remote malicious users to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT.
Sun Sun Ftp Build 9
1 EDB exploit
NA
CVE-2002-2169
Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote malicious users to conduct unauthorized activities, such as adding buddies and groups to a user's buddy list, via a URL with a META HTTP-EQUIV="refresh" t...
Aol Instant Messenger 4.7
Aol Instant Messenger 4.5
Aol Instant Messenger 4.7.2480
1 EDB exploit
NA
CVE-2014-1643
The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) prior to 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of arbitrary users via a modified URL.
Symantec Encryption Management Server 3.3.0
Symantec Encryption Management Server
NA
CVE-2007-5918
Cross-site request forgery (CSRF) vulnerability in edit.php in the MS TopSites add-on for PHP-Nuke does not verify that the uname parameter matches the current account, which allows remote authenticated users to change arbitrary accounts or change the SiteTitleName field as an ar...
Ms Topsites Ms Topsites
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »