Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
weather vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2018-18880
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, a networkdiags.php reflected Cross-site scripting (XSS) vulnerability allows remote authenticated users to inject arbitrary web script.
Columbiaweather Weather Microserver Firmware Ms 2.6.9900
445
VMScore
CVE-2017-16149
zwserver is a weather web server. zwserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Zwserver Project Zwserver
312
VMScore
CVE-2018-18875
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, a stored Cross-site scripting (XSS) vulnerability allows remote authenticated users to inject arbitrary web script via changestationname.php.
Columbiaweather Weather Microserver Firmware Ms 2.6.9900
445
VMScore
CVE-2018-18876
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, a readouts_rd.php directory traversal issue makes it possible to read any file present on the underlying operating system.
Columbiaweather Weather Microserver Firmware Ms 2.6.9900
409
VMScore
CVE-2022-25815
PendingIntent hijacking vulnerability in Weather application prior to SMR Mar-2022 Release 1 allows local malicious users to perform unauthorized action without permission via hijacking the PendingIntent.
Google Android 10.0
Google Android 11.0
NA
CVE-2024-3108
An implicit intent vulnerability was reported for Motorola’s Time Weather Widget application that could allow a local application to acquire the location of the device without authorization.
445
VMScore
CVE-2017-16110
weather.swlyons is a simple web server for weather updates. weather.swlyons is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Weather.swlyons Project Weather.swlyons 0.1.4
Weather.swlyons Project Weather.swlyons 0.1.6
Weather.swlyons Project Weather.swlyons 0.1.1
Weather.swlyons Project Weather.swlyons 0.1.2
Weather.swlyons Project Weather.swlyons 0.1.3
Weather.swlyons Project Weather.swlyons 0.1.5
578
VMScore
CVE-2018-18879
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can pipe commands directly to the underlying operating system as user input is not sanitized in networkdiags.php.
Columbiaweather Weather Microserver Firmware Ms 2.6.9900
187
VMScore
CVE-2021-3720
An information disclosure vulnerability was reported in the Time Weather system widget on Legion Phone Pro (L79031) and Legion Phone2 Pro (L70081) that could allow other applications to access device GPS data.
Lenovo Legion Phone Pro \\(l79031\\)firmware
Lenovo Legion Phone2 Pro \\(l70081\\) Firmware
435
VMScore
CVE-2008-1348
Cross-site scripting (XSS) vulnerability in index.php in the eWebsite eWeather (Weather) module for PHP-Nuke allows remote malicious users to inject arbitrary web script or HTML via the chart parameter to modules.php.
Ewebsite Eweather
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »