Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web frontend vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2020-9474
The S. Siedle & Soehne SG 150-0 Smart Gateway prior to 1.2.4 allows remote code execution via the backup functionality in the web frontend. By using an exploit chain, an attacker with access to the network can get root access on the gateway.
Siedle Sg 150-0 Firmware
9
CVSSv2
CVE-2020-10795
Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to authenticated remote code execution via the backup functionality of the web frontend. This can be combined with CVE-2020-10794 for remote root access.
Gira Tks-ip-gateway Firmware 4.0.7.7
8.8
CVSSv2
CVE-2020-3158
A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote malicious user to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a def...
Cisco Smart Software Manager On-prem
1 Article
8.5
CVSSv2
CVE-2009-3631
The Backend subcomponent in TYPO3 4.0.13 and previous versions, 4.1.x prior to 4.1.13, 4.2.x prior to 4.2.10, and 4.3.x prior to 4.3beta2, when the DAM extension or ftp upload is enabled, allows remote authenticated users to execute arbitrary commands via shell metacharacters in ...
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.6
Typo3 Typo3 4.1.7
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.3
Typo3 Typo3 4.3
Typo3 Typo3 1.3.0
Typo3 Typo3 1.3.2
Typo3 Typo3 3.7.1
Typo3 Typo3 3.7.x
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
Typo3 Typo3 4.1.10
Typo3 Typo3 4.1.2
Typo3 Typo3 4.1.12
Typo3 Typo3 4.1.11
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.7
Typo3 Typo3 1.1
Typo3 Typo3 1.1.09
Typo3 Typo3 3.5
7.5
CVSSv2
CVE-2021-30461
A remote code execution issue exists in the web UI of VoIPmonitor prior to 24.61. When the recheck option is used, the user-supplied SPOOLDIR value (which might contain PHP code) is injected into config/configuration.php.
Voipmonitor Voipmonitor
3 Github repositories
7.5
CVSSv2
CVE-2020-12606
An issue exists in DB Soft SGLAC prior to 20.05.001. The ProcedimientoGenerico method in the SVCManejador.svc webservice of the SGLAC web frontend allows an malicious user to run arbitrary SQL commands on the SQL Server. Command execution can be easily achieved by using the xp_cm...
Dbsoft Sglac
7.5
CVSSv2
CVE-2019-12524
An issue exists in Squid up to and including 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maint...
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
7.5
CVSSv2
CVE-2019-12525
An issue exists in Squid 3.3.9 up to and including 3.5.28 and 4.x up to and including 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token'...
Squid-cache Squid
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Fedoraproject Fedora 29
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
7.5
CVSSv2
CVE-2016-10134
SQL injection vulnerability in Zabbix prior to 2.2.14 and 3.0 prior to 3.0.4 allows remote malicious users to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php.
Zabbix Zabbix 3.0.0
Zabbix Zabbix 3.0.2
Zabbix Zabbix
Zabbix Zabbix 3.0.3
Zabbix Zabbix 3.0.1
7.5
CVSSv2
CVE-2014-2709
lib/rrd.php in Cacti 0.8.7g, 0.8.8b, and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in unspecified parameters.
Cacti Cacti
Debian Debian Linux 7.0
Debian Debian Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »