Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zeroscience.mk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-771505
The Realtyna RPL application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. M...
NA
CVE-2015-226909
Moodle suffers from persistent cross site scripting vulnerabilities. Input passed to the POST parameters 'config_title' and 'title' thru index.php, are not properly sanitized allowing the attacker to execute HTML or JS code into user's browser session on ...
NA
CVE-2018-1842816
TP-Link TL-SC3130 version 1.6.18 suffers from an unauthenticated and unauthorized live RTSP stream disclosure.
5.4
CVSSv3
CVE-2021-31583
Sipwise C5 NGCP WWW Admin version 3.6.7 up to and including platform version NGCP CE 3.0 has multiple authenticated stored and reflected XSS vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user: St...
Sipwise Next Generation Communication Platform 3.6.7
NA
CVE-2021-3158313
Sipwise software platform suffers from multiple authenticated stored and reflected cross site scripting vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitr...
8.8
CVSSv3
CVE-2021-31584
Sipwise C5 NGCP www_csc version 3.6.4 up to and including platform NGCP CE mr3.8.13 allows call/click2dial CSRF attacks for actions with administrative privileges.
Sipwise Next Generation Communication Platform 3.6.4
NA
CVE-2021-3158413
The Sipwise application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web si...
5.3
CVSSv3
CVE-2019-13927
A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with De...
Siemens Pxc00-e.d Firmware
Siemens Pxc50-e.d Firmware
Siemens Pxc100-e.d Firmware
Siemens Pxc200-e.d Firmware
Siemens Pxa40-w0 Firmware
Siemens Pxa40-w1 Firmware
Siemens Pxa40-w2 Firmware
Siemens Pxc00-u Firmware
Siemens Pxc64-u Firmware
Siemens Pxc128-u Firmware
Siemens Pxa30-w0 Firmware
Siemens Pxa30-w1 Firmware
Siemens Pxa30-w2 Firmware
Siemens Pxc22.1-e.d Firmware
Siemens Pxc36-e.d Firmware
Siemens Pxc36.1-e.d Firmware
NA
CVE-2017-964430
Automated Logic WebCTRL version 6.5 suffers from an insecure file permission privilege escalation vulnerability.
NA
CVE-2021-2654929
SmartFoxServer 2X version 2.17.0 suffers from a God Mode Console cross site scripting vulnerability.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »