Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
log injection vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2019-12651
Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote malicious user to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details se...
Cisco Ios 16.11.1
Cisco Cloud Services Router 1000v Firmware 17.1.1
Cisco Integrated Services Virtual Router Firmware 16.6.5
9
CVSSv2
CVE-2019-12650
Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote malicious user to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details se...
Cisco Ios 16.11.1
Cisco Ios Xe 16.6.5
Cisco Ios Xe 17.1.1
7.5
CVSSv2
CVE-2019-10687
KBPublisher 6.0.2.1 has SQL Injection via the admin/index.php?module=report entry_id[0] parameter, the admin/index.php?module=log id parameter, or an index.php?View=print&id[]= request.
Kbpublisher Kbpublisher 6.0.2.1
5.5
CVSSv2
CVE-2013-6720
Directory traversal vulnerability in download.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x up to and including 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to bypass intended access restrictions via a .. (dot dot...
Ibm Tealeaf Cx 8.4
Ibm Tealeaf Cx 8.3
Ibm Tealeaf Cx 7.2
Ibm Tealeaf Cx 8.2
Ibm Tealeaf Cx 8.0
Ibm Tealeaf Cx 8.5
Ibm Tealeaf Cx 8.6
Ibm Tealeaf Cx 8.1
Ibm Tealeaf Cx 8.8
Ibm Tealeaf Cx 8.7
Ibm Tealeaf Cx 7.1
1 EDB exploit
9
CVSSv2
CVE-2020-3224
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to inject IOS commands to an affected device. The injected commands should require a higher privilege level in order to be exe...
Cisco Ios Xe 16.11.1
Cisco Ios Xe 16.11.1a
Cisco Ios Xe 16.11.1c
Cisco Ios Xe 16.11.1b
Cisco Ios Xe 16.11.1s
Cisco Ios Xe 16.12.1y
NA
CVE-2021-34752
Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory. Cisco ...
9
CVSSv2
CVE-2021-1435
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote malicious user to inject arbitrary commands that can be executed as the root user. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability ...
Cisco Ios Xe 16.9.1
Cisco Ios Xe 16.9.1s
Cisco Ios Xe 16.9.1c
Cisco Ios Xe 16.9.1b
Cisco Ios Xe 16.9.1d
Cisco Ios Xe 16.10.1
Cisco Ios Xe 16.9.1a
Cisco Ios Xe 16.9.2a
Cisco Ios Xe 16.9.2
Cisco Ios Xe 16.11.1
Cisco Ios Xe 16.11.1a
Cisco Ios Xe 16.11.2
Cisco Ios Xe 16.11.1c
Cisco Ios Xe 16.11.1b
Cisco Ios Xe 16.11.1s
Cisco Ios Xe 16.10.1s
Cisco Ios Xe 16.10.1d
Cisco Ios Xe 16.9.2s
Cisco Ios Xe 16.9.3h
Cisco Ios Xe 16.9.3a
Cisco Ios Xe 16.10.1a
Cisco Ios Xe 16.10.1f
9
CVSSv2
CVE-2020-3212
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote malicious user to execute arbitrary commands with root privileges on the underlying operating system of an affected device. The vulnerability is due to improper input sanitization. An atta...
Cisco Ios Xe 16.11.1
Cisco Ios Xe 16.11.1a
Cisco Ios Xe 16.11.1c
Cisco Ios Xe 16.11.1b
Cisco Ios Xe 16.11.1s
Cisco Ios Xe 16.12.1y
5
CVSSv2
CVE-2014-2179
The Cisco RV router firmware on RV220W devices, prior to 1.0.5.9 on RV120W devices, and prior to 1.0.4.14 on RV180 and RV180W devices allows remote malicious users to upload files to arbitrary locations via a crafted HTTP request, aka Bug ID CSCuh86998.
Cisco Rv180 Firmware
Cisco Rv180 -
Cisco Rv180w -
Cisco Rv120w Firmware
Cisco Rv120w -
Cisco Rv220w Firmware
Cisco Rv220w -
4.3
CVSSv2
CVE-2007-1229
Cross-site scripting (XSS) vulnerability in the Nullsoft ShoutcastServer 1.9.7 allows remote malicious users to inject arbitrary web script or HTML via the top-level URI on the Incoming interface (port 8001/tcp), which is not properly handled in the administrator interface when v...
Nullsoft Shoutcast Server 1.9.7
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »