Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unauthorized vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2002-1884
index.php in Py-Membres 3.1 allows remote malicious users to log in as an administrator by setting the pymembs parameter to "admin".
Py-membres Py-membres 3.1
1 EDB exploit
505
VMScore
CVE-2017-15235
The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote malicious users to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact filename.
Horde Groupware 5.2.21
1 EDB exploit
465
VMScore
CVE-2003-1169
DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle.
Datev Nutzungskontrolle 2.1
Datev Nutzungskontrolle 2.2
1 EDB exploit
409
VMScore
CVE-2001-0567
Digital Creations Zope 2.3.2 and previous versions allows a local malicious user to gain additional privileges via the changing of ZClass permission mappings for objects and methods in the ZClass.
Zope Zope 7.1
Zope Zope 7.2
356
VMScore
CVE-2014-1643
The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) prior to 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of arbitrary users via a modified URL.
Symantec Encryption Management Server 3.3.0
Symantec Encryption Management Server
685
VMScore
CVE-2019-1647
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, adjacent malicious user to bypass authentication and have direct unauthorized access to other vSmart containers. The vulnerability is due to an insecure default configuration of the affected system. An att...
Cisco Sd-wan
Cisco Vsmart Controller -
755
VMScore
CVE-2007-1156
JBrowser allows remote malicious users to bypass authentication and access certain administrative capabilities via a direct request for _admin/.
Man Machine Systems Jbrowser
1 EDB exploit
890
VMScore
CVE-2017-6713
A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote malicious user to gain full access to the affected system. The vulnerability is due to static, default credentials for the Cisco ESC UI that are shared between ...
Cisco Elastic Services Controller 2.0
Cisco Elastic Services Controller 1.1.0
Cisco Elastic Services Controller 2.2.0
Cisco Elastic Services Controller 1.0.0
Cisco Elastic Services Controller 2.3.0
Cisco Elastic Services Controller 2.1.0
755
VMScore
CVE-2006-1213
JiRo's Banner System Experience and Professional 1.0 and previous versions allows remote malicious users to bypass access restrictions and gain privileges via a direct request to certain scripts in the files directory, as demonstrated by using addadmin.asp to create a new ad...
Jiro Banner System 1.0 Experience
Jiro Banner System 1.0 Professional
1 EDB exploit
505
VMScore
CVE-2007-6056
frame.html in Aida-Web (Aida Web) allows remote malicious users to bypass a protection mechanism and obtain comment and task details via modified values to the (1) Mehr and (2) SUPER parameters.
Aida-orga Aida-web
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »