Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bypass vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-7196
static/ajax.php in PHPFox 3.7.3, 3.7.4, and 3.7.5 allows remote authenticated users to bypass intended "Only Me" restrictions and comment on a private publication via a request with a modified val[item_id] parameter for the publication.
Phpfox Phpfox 3.7.4
Phpfox Phpfox 3.7.5
Phpfox Phpfox 3.7.3
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2018-6180
A flaw in the profile section of Online Voting System 1.0 allows an unauthenticated user to set an arbitrary password for other accounts.
Themashabrand Online Voting Platform 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-5496
Sawmill Enterprise 8.7.9 allows remote malicious users to gain login access by leveraging knowledge of a password hash.
Sawmill Sawmill 8.7.9
1 EDB exploit
3.3
CVSSv3
CVE-2018-7289
An issue exists in armadito-windows-driver/src/communication.c in Armadito 0.12.7.2. Malware with filenames containing pure UTF-16 characters can bypass detection. The user-mode service will fail to open the file for scanning after the conversion is done from Unicode to ANSI. Thi...
Teclib-edition Armadito Antivirus 0.12.7.2
1 EDB exploit
9.8
CVSSv3
CVE-2014-2595
Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote malicious users to bypass authentication by leveraging a permanent authentication token obtained from a query string.
Barracuda Web Application Firewall 7.8.1.013
1 EDB exploit
NA
CVE-2014-5300
Adaptive Computing Moab prior to 7.2.9 and 8 prior to 8.0.0 allows remote malicious users to bypass the signature check, impersonate arbitrary users, and execute commands via a message without a signature.
Adaptivecomputing Moab
Adaptivecomputing Moab 8.0
1 EDB exploit
NA
CVE-2009-0458
Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Ware Support 1.x allow remote malicious users to execute arbitrary SQL commands via (1) the uid parameter (aka Username field) or (2) the pwd parameter (aka Password field). NOTE: some of these details ...
Wholehogsoftware Ware Support 1.0
2 EDB exploits
NA
CVE-2009-0459
Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Password Protect: Enhanced 1.x allow remote malicious users to execute arbitrary SQL commands via (1) the uid parameter (aka Username field) or (2) the pwd parameter (aka Password field). NOTE: some of ...
Wholehogsoftware Password Protect 1.0
2 EDB exploits
NA
CVE-2013-5581
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
1 EDB exploit
7.8
CVSSv3
CVE-2013-5582
Ammyy Admin 3.2 and previous versions stores the client ID at a fixed memory location, which might make it easier for user-assisted remote malicious users to bypass authentication by running a local program that extracts a field from the AA_v3.2.exe file.
Ammyy Ammyy Admin
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »