Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zeroscience.mk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-771505
The Realtyna RPL application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. M...
9.8
CVSSv3
CVE-2020-12133
The Apros Evolution, ConsciusMap, and Furukawa provisioning systems up to and including 2.8.1 allow remote code execution because of javax.faces.ViewState Java deserialization.
Farukawa Electric Consciousmap
NA
CVE-2012-217203
IBM System Storage DS Storage Manager Profiler version 4.8.6 suffers from cross site scripting and remote SQL injection vulnerabilities.
8.8
CVSSv3
CVE-2022-34753
A CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote root exploit when the command is compromised. Affected Products: SpaceLogic C-Bus Home Controller (5200WHC2), formerly known...
Schneider-electric Spacelogic C-bus Home Controller Firmware
1 Github repository
NA
CVE-2022-3475327
Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) versions 1.31.460 and below suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the root user via the name GET parameter in delsnap....
NA
CVE-2021-3158313
Sipwise software platform suffers from multiple authenticated stored and reflected cross site scripting vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitr...
8.8
CVSSv3
CVE-2021-31584
Sipwise C5 NGCP www_csc version 3.6.4 up to and including platform NGCP CE mr3.8.13 allows call/click2dial CSRF attacks for actions with administrative privileges.
Sipwise Next Generation Communication Platform 3.6.4
NA
CVE-2015-226909
Moodle suffers from persistent cross site scripting vulnerabilities. Input passed to the POST parameters 'config_title' and 'title' thru index.php, are not properly sanitized allowing the attacker to execute HTML or JS code into user's browser session on ...
5.4
CVSSv3
CVE-2021-26549
An XSS issue exists in SmartFoxServer 2.17.0. Input passed to the AdminTool console is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML code in a user's browser session in context of an affected site.
Smartfoxserver Smartfoxserver 2.17.0
NA
CVE-2021-2654929
SmartFoxServer 2X version 2.17.0 suffers from a God Mode Console cross site scripting vulnerability.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »