Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
information technology vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-2128
Security guide for website operators allows remote malicious users to execute arbitrary OS commands via specially crafted saved data.
Information-technology Promotion Agency Introduction To Safe Website Operation -
4.9
CVSSv3
CVE-2024-10651
IDExpert from CHANGING Information Technology does not properly validate a specific parameter in the administrator interface, allowing remote attackers with administrator privileges to exploit this vulnerability to read arbitrary system files.
Changing Information Technology Idexpert
6.1
CVSSv3
CVE-2024-10652
IDExpert from CHANGING Information Technology does not properly validate a parameter for a specific functionality, allowing unauthenticated remote malicious users to inject JavsScript code and perform Reflected Cross-site scripting attacks.
Changing Information Technology Idexpert
8.8
CVSSv3
CVE-2024-12838
The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular privileges to send a crafted request to switch to the identity of any user, including administrators.
Changing Information Technology Cgfido
8.8
CVSSv3
CVE-2024-12839
The login mechanism via device authentication of CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability. If a user visits a forged website, the agent program deployed on their device will send an authentication signature to the website. An unauthen...
Changing Information Technology Cgfido
5.3
CVSSv3
CVE-2025-1595
A vulnerability has been found in Anhui Xufan Information Technology EasyCVR up to 2.7.0 and classified as problematic. This vulnerability affects unknown code of the file /api/v1/getbaseconfig. The manipulation leads to information disclosure. The attack can be initiated remotel...
Anhui Xufan Information Technology Easycvr
7
CVSSv3
CVE-2025-4532
A vulnerability classified as critical has been found in Shanghai Bairui Information Technology SunloginClient 15.8.3.19819. This affects an unknown part in the library process.dll of the file sunlogin_guard.exe. The manipulation leads to uncontrolled search path. Local access is...
Shanghai Bairui Information Technology Sunloginclient
8.5
CVSSv4
CVE-2024-6406
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Yordam Information Technology Mobile Library Application allows Retrieve Embedded Sensitive Data.This issue affects Mobile Library Application: prior to 5.0.
Yordam Information Technology Mobile Library Application
5.3
CVSSv3
CVE-2024-37678
Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote malicious user to execute arbitrary code via a crafted script.
Hangzhou Meisoft Information Technology Finesoft 8.0
4.3
CVSSv3
CVE-2025-0461
A vulnerability has been found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /crm/weixinmp/index.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro...
Shanghai Lingdang Information Technology Lingdang Crm
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
camera
validation
CVE-2025-39395
CVE-2025-39445
andreyk
CVE-2025-4664
ciyashop
eduma
wordpress events calendar registration & tickets
CVE-2025-39376
CVE-2025-43836
CVE-2025-4918
local
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »
Vulmon