Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bypass vulnerabilities and exploits
(subscribe to this query)
760
VMScore
CVE-2018-7739
antsle antman prior to 0.9.1a allows remote malicious users to bypass authentication via invalid characters in the username and password parameters, as demonstrated by a username=>&password=%0a string to the /login URI. This allows obtaining root permissions within the web...
Antsle Antman
2 EDB exploits
668
VMScore
CVE-2021-31932
Nokia BTS TRS web console FTM_W20_FP2_2019.08.16_0010 allows Authentication Bypass. A malicious unauthenticated user can get access to all the functionalities exposed via the web panel, circumventing the authentication process, by using URL encoding for the . (dot) character.
Nokia Bts Trs Web Console Ftm W20 Fp2 2019.08.16 0010
656
VMScore
CVE-2019-15813
Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell.
Sentrifugo Sentrifugo 3.2
1 EDB exploit
2 Github repositories
505
VMScore
CVE-2018-6180
A flaw in the profile section of Online Voting System 1.0 allows an unauthenticated user to set an arbitrary password for other accounts.
Themashabrand Online Voting Platform 1.0
1 EDB exploit
570
VMScore
CVE-2018-18061
An issue exists in dialog.php in tecrail Responsive FileManager 9.8.1. Attackers can access the file manager interface that provides them with the ability to upload and delete files.
Tecrail Responsive Filemanager 9.8.1
760
VMScore
CVE-2009-0459
Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Password Protect: Enhanced 1.x allow remote malicious users to execute arbitrary SQL commands via (1) the uid parameter (aka Username field) or (2) the pwd parameter (aka Password field). NOTE: some of ...
Wholehogsoftware Password Protect 1.0
2 EDB exploits
505
VMScore
CVE-2014-5300
Adaptive Computing Moab prior to 7.2.9 and 8 prior to 8.0.0 allows remote malicious users to bypass the signature check, impersonate arbitrary users, and execute commands via a message without a signature.
Adaptivecomputing Moab
Adaptivecomputing Moab 8.0
1 EDB exploit
755
VMScore
CVE-2014-2595
Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote malicious users to bypass authentication by leveraging a permanent authentication token obtained from a query string.
Barracuda Web Application Firewall 7.8.1.013
1 EDB exploit
505
VMScore
CVE-2017-5496
Sawmill Enterprise 8.7.9 allows remote malicious users to gain login access by leveraging knowledge of a password hash.
Sawmill Sawmill 8.7.9
1 EDB exploit
760
VMScore
CVE-2009-0458
Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Ware Support 1.x allow remote malicious users to execute arbitrary SQL commands via (1) the uid parameter (aka Username field) or (2) the pwd parameter (aka Password field). NOTE: some of these details ...
Wholehogsoftware Ware Support 1.0
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »