Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unauthorized vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2020-3542
A vulnerability in Cisco Webex Training could allow an authenticated, remote malicious user to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. ...
Cisco Webex Training
645
VMScore
CVE-2001-0283
Directory traversal vulnerability in SunFTP build 9 allows remote malicious users to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT.
Sun Sun Ftp Build 9
1 EDB exploit
605
VMScore
CVE-2007-5918
Cross-site request forgery (CSRF) vulnerability in edit.php in the MS TopSites add-on for PHP-Nuke does not verify that the uname parameter matches the current account, which allows remote authenticated users to change arbitrary accounts or change the SiteTitleName field as an ar...
Ms Topsites Ms Topsites
1 EDB exploit
356
VMScore
CVE-2016-1477
Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891.
Cisco Connected Streaming Analytics 1.1.1 Base
890
VMScore
CVE-2019-15260
A vulnerability in Cisco Aironet Access Points (APs) Software could allow an unauthenticated, remote malicious user to gain unauthorized access to a targeted device with elevated privileges. The vulnerability is due to insufficient access control for certain URLs on an affected d...
Cisco Aironet 1540 Firmware
Cisco Aironet 1560 Firmware
Cisco Aironet 1800 Firmware
Cisco Aironet 2800 Firmware
Cisco Aironet 3800 Firmware
Cisco Aironet 4800 Firmware
755
VMScore
CVE-2002-0589
PVote prior to 1.9 allows remote malicious users to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password.
Steve Korbett Pvote 1.0a
Steve Korbett Pvote 1.0b
Steve Korbett Pvote 1.5
Steve Korbett Pvote 1.0
1 EDB exploit
668
VMScore
CVE-2003-0162
Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote malicious users to reset passwords of other users and gain privileges by modifying hidden form fields in the HTML page.
Ecartis Ecartis 1.0.0 Snapshot 2002-10-13
505
VMScore
CVE-2005-1817
Invision Power Board (IPB) 1.0 up to and including 1.3 allows remote malicious users to edit arbitrary forum posts via a direct request to index.php with modified parameters.
Invision Power Services Invision Board 1.0
Invision Power Services Invision Board 1.0.1
Invision Power Services Invision Board 1.1.1
Invision Power Services Invision Board 1.1.2
Invision Power Services Invision Board 1.2
Invision Power Services Invision Board 1.3 Final
Invision Power Services Invision Board 1.3
1 EDB exploit
505
VMScore
CVE-2002-2169
Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote malicious users to conduct unauthorized activities, such as adding buddies and groups to a user's buddy list, via a URL with a META HTTP-EQUIV="refresh" t...
Aol Instant Messenger 4.7
Aol Instant Messenger 4.5
Aol Instant Messenger 4.7.2480
1 EDB exploit
725
VMScore
CVE-2003-1358
rs.F300 for HP-UX 10.0 up to and including 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.
Hp Hp-ux 10.16
Hp Hp-ux 10.20
Hp Hp-ux 11.04
Hp Hp-ux 11.11
Hp Hp-ux 10.09
Hp Hp-ux 10.10
Hp Hp-ux 11.0.4
Hp Hp-ux 11.00
Hp Hp-ux 10.00
Hp Hp-ux 10.24
Hp Hp-ux 10.26
Hp Hp-ux 11.20
Hp Hp-ux 11.22
Hp Hp-ux 10.01
Hp Hp-ux 10.08
Hp Hp-ux 10.30
Hp Hp-ux 10.34
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »