Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zeroscience.mk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2017-964430
Automated Logic WebCTRL version 6.5 suffers from an insecure file permission privilege escalation vulnerability.
NA
CVE-2015-528521
Kallithea suffers from a HTTP header injection (response splitting) vulnerability because it fails to properly sanitize user input before using it as an HTTP header value via the GET 'came_from' parameter in the login instance. This type of attack not only allows a mali...
NA
CVE-2012-217203
IBM System Storage DS Storage Manager Profiler version 4.8.6 suffers from cross site scripting and remote SQL injection vulnerabilities.
8.8
CVSSv3
CVE-2021-26551
An issue exists in SmartFoxServer 2.17.0. An attacker can execute arbitrary Python code, and bypass the javashell.py protection mechanism, by creating /config/ConsoleModuleUnlock.txt and editing /config/admin/admintool.xml to enable the Console module.
Smartfoxserver Smartfoxserver 2.17.0
NA
CVE-2021-2654929
SmartFoxServer 2X version 2.17.0 suffers from a God Mode Console cross site scripting vulnerability.
NA
CVE-2021-2655129
SmartFoxServer 2X version 2.17.0 suffers from a God Mode Console remote code execution vulnerability.
NA
CVE-2018-1842816
TP-Link TL-SC3130 version 1.6.18 suffers from an unauthenticated and unauthorized live RTSP stream disclosure.
NA
CVE-2011-2461
Cross-site scripting (XSS) vulnerability in the Adobe Flex SDK 3.x and 4.x prior to 4.6 allows remote malicious users to inject arbitrary web script or HTML via vectors related to the loading of modules from different domains.
Adobe Flex Sdk 3.0
Adobe Flex Sdk 3.5a
Adobe Flex Sdk 3.6
Adobe Flex Sdk 3.0.1
Adobe Flex Sdk 3.1
Adobe Flex Sdk 3.2
Adobe Flex Sdk 4.0
Adobe Flex Sdk 4.1
Adobe Flex Sdk 3.4.1
Adobe Flex Sdk 3.5
Adobe Flex Sdk 3.3
Adobe Flex Sdk 3.4
Adobe Flex Sdk 4.5
Adobe Flex Sdk 4.5.1
13 Github repositories
1 Article
NA
CVE-2022-3475327
Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) versions 1.31.460 and below suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the root user via the name GET parameter in delsnap....
9.8
CVSSv3
CVE-2020-12133
The Apros Evolution, ConsciusMap, and Furukawa provisioning systems up to and including 2.8.1 allow remote code execution because of javax.faces.ViewState Java deserialization.
Farukawa Electric Consciousmap
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »