Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
validation vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2008-2942
Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted malicious users to modify arbitrary files via ".." (dot dot) sequences in a patch file.
Mercurial Mercurial 1.0.1
1000
VMScore
CVE-2000-0177
DNSTools CGI applications allow remote malicious users to execute arbitrary commands via shell metacharacters.
Dnstools Software Dnstools
1 EDB exploit
668
VMScore
CVE-2008-0173
SQL injection vulnerability in Gforge 4.6.99 and previous versions allows remote malicious users to execute arbitrary SQL commands via unspecified parameters, related to RSS exports.
Gforge Gforge
516
VMScore
CVE-2018-0434
A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote malicious user to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation...
Cisco Vedge 100 Firmware
Cisco Vedge 1000 Firmware
Cisco Vedge 2000 Firmware
Cisco Vedge 5000 Firmware
Cisco Vmanage Network Management System -
383
VMScore
CVE-2005-2161
Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows remote malicious users to inject arbitrary web script or HTML via nested [url] tags.
Phpbb Group Phpbb 2.0.16
435
VMScore
CVE-2006-2089
Multiple cross-site scripting (XSS) vulnerabilities in misc.php in MySmartBB 1.1.x allow remote malicious users to inject arbitrary web script or HTML via the (1) id and (2) username parameters.
Mysmartbb Mysmartbb 1.1.3
Mysmartbb Mysmartbb 1.1.2
1 EDB exploit
570
VMScore
CVE-2009-0234
The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote malicious users to predict transaction IDs and poison caches...
Microsoft Windows Server 2003
Microsoft Windows 2000
Microsoft Windows Server 2008
NA
CVE-2022-27644
This vulnerability allows network-adjacent malicious users to compromise the integrity of downloaded information on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...
Netgear R6400 Firmware
Netgear R6700 Firmware
Netgear R6900p Firmware
Netgear R7000 Firmware
Netgear R7000p Firmware
Netgear R7850 Firmware
Netgear R7960p Firmware
Netgear R8000 Firmware
Netgear R8000p Firmware
Netgear Rax200 Firmware
Netgear Rax75 Firmware
Netgear Rax80 Firmware
Netgear Rs400 Firmware
Netgear Cbr40 Firmware
Netgear Lbr1020 Firmware
Netgear Lbr20 Firmware
Netgear Rbr10 Firmware
Netgear Rbr20 Firmware
Netgear Rbr40 Firmware
Netgear Rbr50 Firmware
Netgear Rbs10 Firmware
Netgear Rbs20 Firmware
1000
VMScore
CVE-2003-1245
index2.php in Mambo 4.0.12 allows remote malicious users to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie.
1 EDB exploit
NA
CVE-2015-00053
Core Security Technologies Advisory - The Microsoft Netlogon Remote Protocol is a remote procedure call (RPC) interface that is used, among other things, for user and machine authentication on domain-based networks. In a scenario where a client machine connects to a domain-joined...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »