Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web panel vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2016-10043
An issue exists in Radisys MRF Web Panel (SWMS) 9.0.1. The MSM_MACRO_NAME POST parameter in /swms/ms.cgi exists to be vulnerable to OS command injection attacks. It is possible to use the pipe character (|) to inject arbitrary OS commands and retrieve the output in the applicatio...
Mrf Web Panel 9.0.1
1 EDB exploit
10
CVSSv2
CVE-2014-8362
Vivint Sky Control Panel 1.1.1.9926 allows remote malicious users to enable and disable the alarm system and modify other security settings via the Web-enabled interface.
Vivint Sky Control Panel Firmware 1.1.1.9926
10
CVSSv2
CVE-2013-1489
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote malicious users to bypass the "Very High" security le...
Oracle Jdk 1.7.0
Oracle Jre 1.7.0
10
CVSSv2
CVE-2008-4592
Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the p parameter.
Sportspanel Sports Clubs Web Portal 0.0.1
2 EDB exploits
10
CVSSv2
CVE-2008-1262
The administration panel on the Airspan WiMax ProST 4.1 antenna with 6.5.38.0 software does not verify authentication credentials, which allows remote malicious users to (1) upload malformed firmware or (2) bind the antenna to a different WiMAX base station via unspecified reques...
Airspan Wimax Prost 4.1
1 EDB exploit
9.3
CVSSv2
CVE-2018-20219
An issue exists on Teracue ENC-400 devices with firmware 2.56 and below. After successful authentication, the device sends an authentication cookie to the end user such that they can access the devices web administration panel. This token is hard-coded to a string in the source c...
Teracue Enc-400 Hdmi Firmware
Teracue Enc-400 Hdmi2 Firmware
Teracue Enc-400 Hdsdi Firmware
1 EDB exploit
9.3
CVSSv2
CVE-2017-3823
An issue exists in the Cisco WebEx Extension prior to 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container prior to 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin prior to 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX ...
Cisco Activetouch General Plugin Container 105
Cisco Webex
Cisco Download Manager 2.1.0.9
Cisco Gpccontainer Class
Cisco Webex Meetings Server 2.0 Mr7
Cisco Webex Meetings Server 2.0 Mr8
Cisco Webex Meetings Server 2.5 Mr1
Cisco Webex Meetings Server 2.5 Mr2
Cisco Webex Meetings Server 2.5 Mr6
Cisco Webex Meetings Server 2.6 Mr3
Cisco Webex Meetings Server 2.7 Base
Cisco Webex Meetings Server 2.0 Base
Cisco Webex Meetings Server 2.0 Mr2
Cisco Webex Meetings Server 2.0 Mr9
Cisco Webex Meetings Server 2.5 Mr3
Cisco Webex Meetings Server 2.6 Base
Cisco Webex Meetings Server 2.6 Mr1
Cisco Webex Meetings Server 2.7 Mr1
Cisco Webex Meetings Server 2.0 Mr5
Cisco Webex Meetings Server 2.0 Mr6
Cisco Webex Meetings Server 2.5 Base
Cisco Webex Meetings Server 2.5 Mr5
2 Articles
9.3
CVSSv2
CVE-2010-2568
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote malicious users to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon ...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows Xp -
Microsoft Windows 7 -
Microsoft Windows Vista -
Microsoft Windows Xp
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows 2003 Server
2 EDB exploits
3 Github repositories
23 Articles
9.3
CVSSv2
CVE-2006-2779
Mozilla Firefox and Thunderbird prior to 1.5.0.4 allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views...
Mozilla Firefox 0.9.3
Mozilla Firefox 0.9
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.8
Mozilla Firefox 1.5
Mozilla Firefox Preview Release
Mozilla Thunderbird 0.9
Mozilla Thunderbird 1.0
Mozilla Thunderbird 1.5.1
Mozilla Thunderbird 1.5.2
Mozilla Firefox 0.10
Mozilla Firefox 0.10.1
Mozilla Firefox 1.0
Mozilla Firefox 1.0.1
Mozilla Firefox 1.5.0.2
Mozilla Thunderbird 0.6
Mozilla Thunderbird 0.7
Mozilla Thunderbird 1.0.1
Mozilla Thunderbird 1.0.2
Mozilla Thunderbird 1.0.5
Mozilla Thunderbird 1.5
Mozilla Firefox 0.9.1
9
CVSSv2
CVE-2021-25310
The administration web interface on Belkin Linksys WRT160NL 1.0.04.002_US_20130619 devices allows remote authenticated malicious users to execute system commands with root privileges via shell metacharacters in the ui_language POST parameter to the apply.cgi form endpoint. This o...
Belkin Linksys Wrt160nl Firmware 1.0.04.002 Us 20130619
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »