Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web panel vulnerabilities and exploits
(subscribe to this query)
855
VMScore
CVE-2019-13359
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, a cwpsrv-xxx cookie allows a normal user to craft and upload a session file to the /tmp directory, and use it to become the root user.
Control-webpanel Webpanel 0.9.8.836
1 EDB exploit
828
VMScore
CVE-2006-2779
Mozilla Firefox and Thunderbird prior to 1.5.0.4 allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views...
Mozilla Firefox 0.9.3
Mozilla Firefox 0.9
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.8
Mozilla Firefox 1.5
Mozilla Firefox Preview Release
Mozilla Thunderbird 0.9
Mozilla Thunderbird 1.0
Mozilla Thunderbird 1.5.1
Mozilla Thunderbird 1.5.2
Mozilla Firefox 0.10
Mozilla Firefox 0.10.1
Mozilla Firefox 1.0
Mozilla Firefox 1.0.1
Mozilla Firefox 1.5.0.2
Mozilla Thunderbird 0.6
Mozilla Thunderbird 0.7
Mozilla Thunderbird 1.0.1
Mozilla Thunderbird 1.0.2
Mozilla Thunderbird 1.0.5
Mozilla Thunderbird 1.5
Mozilla Firefox 0.9.1
805
VMScore
CVE-2012-1823
sapi/cgi/cgi_main.c in PHP prior to 5.3.12 and 5.4.x prior to 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote malicious users to execute arbitrary code by placing command-line...
Php Php
Php Php 5.3.10
Php Php 5.3.3
Php Php 5.3.2
Php Php 5.3.1
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.2.4
Php Php 5.2.7
Php Php 5.1.6
Php Php 5.1.4
Php Php 5.0.0
Php Php 5.3.5
Php Php 5.3.4
Php Php 5.3.9
Php Php 5.3.8
Php Php 5.3.0
Php Php 5.2.5
Php Php 5.2.0
Php Php 5.2.3
Php Php 5.2.15
Php Php 5.2.16
4 EDB exploits
2 Nmap scripts
17 Github repositories
1 Article
801
VMScore
CVE-2021-25310
The administration web interface on Belkin Linksys WRT160NL 1.0.04.002_US_20130619 devices allows remote authenticated malicious users to execute system commands with root privileges via shell metacharacters in the ui_language POST parameter to the apply.cgi form endpoint. This o...
Belkin Linksys Wrt160nl Firmware 1.0.04.002 Us 20130619
756
VMScore
CVE-2022-24247
RiteCMS version 3.1.0 and below suffers from an arbitrary file overwrite via path traversal vulnerability in Admin Panel. Exploiting the vulnerability allows an authenticated malicious user to overwrite any file in the web root (along with any other file on the server that the PH...
Ritecms Ritecms
756
VMScore
CVE-2022-24248
RiteCMS version 3.1.0 and below suffers from an arbitrary file deletion via path traversal vulnerability in Admin Panel. Exploiting the vulnerability allows an authenticated malicious user to delete any file in the web root (along with any other file on the server that the PHP pr...
Ritecms Ritecms
755
VMScore
CVE-2019-18418
clonos.php in ClonOS WEB control panel 19.09 allows remote malicious users to gain full access via change password requests because there is no session management.
Clonos Clonos 19.09
1 EDB exploit
755
VMScore
CVE-2019-13360
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote attackers can bypass authentication in the login process by leveraging knowledge of a valid username.
Control-webpanel Webpanel 0.9.8.836
1 EDB exploit
755
VMScore
CVE-2018-18322
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Command Injection via shell metacharacters in the admin/index.php service_start, service_restart, service_fullstatus, or service_stop parameter.
Control-webpanel Webpanel 0.9.8.480
1 EDB exploit
755
VMScore
CVE-2018-8898
A flaw in the authentication mechanism in the Login Panel of router D-Link DSL-3782 (A1_WI_20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT_77616E6771696F6E67") allows unauthenticated malicious users to perform arbitrary modification (r...
Dlink Dsl-3782 Firmware 3.10.0.24
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »