Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
valentin lobstein vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2024-22902
Vinchin Backup & Recovery v7.2 exists to be configured with default root credentials.
Vinchin Vinchin Backup And Recovery
1 Github repository
8.8
CVSSv3
CVE-2024-22903
Vinchin Backup & Recovery v7.2 exists to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function.
Vinchin Vinchin Backup And Recovery
1 Github repository
9.8
CVSSv3
CVE-2022-35866
This vulnerability allows remote malicious users to bypass authentication on affected installations of Vinchin Backup and Recovery 6.5.0.17561. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the MySQL server. The...
Vinchin Vinchin Backup And Recovery 6.5.0.17561
NA
CVE-2024-30920
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote malicious user to execute arbitrary code via the render-document.php component.
NA
CVE-2024-30921
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote malicious user to execute arbitrary code via the photo.php component.
NA
CVE-2024-30922
SQL Injection vulnerability in DerbyNet v9.0 allows a remote malicious user to execute arbitrary code via the where Clause in Award Document Rendering.
NA
CVE-2024-30923
SQL Injection vulnerability in DerbyNet v9.0 and below allows a remote malicious user to execute arbitrary code via the where Clause in Racer Document Rendering
NA
CVE-2024-30924
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows malicious users to execute arbitrary code via the checkin.php component.
NA
CVE-2024-30925
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows malicious users to execute arbitrary code via the photo-thumbs.php component.
NA
CVE-2024-30926
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows malicious users to execute arbitrary code via the ./inc/kiosks.inc component.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »