Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bypass vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-15813
Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell.
Sentrifugo Sentrifugo 3.2
1 EDB exploit
2 Github repositories
9.8
CVSSv3
CVE-2014-7279
The Konke Smart Plug K does not require authentication for TELNET sessions, which allows remote malicious users to obtain "equipment management authority" via TCP traffic to port 23.
Kankunit Konke Smart Plug Firmware K
1 EDB exploit
9.8
CVSSv3
CVE-2019-17240
bl-kernel/security.class.php in Bludit 3.9.2 allows malicious users to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers.
Bludit Bludit 3.9.2
20 Github repositories
NA
CVE-2014-5246
The Shenzhen Tenda Technology Tenda A5s router with firmware 3.02.05_CN allows remote malicious users to bypass authentication and gain administrator access by setting the admin:language cookie to zh-cn.
Tenda A5s Firmware 3.02.05 Cn
Tenda A5s -
1 EDB exploit
NA
CVE-2013-1727
Mozilla Firefox prior to 24.0 on Android allows malicious users to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file.
Mozilla Firefox 19.0
Mozilla Firefox 22.0
Mozilla Firefox 20.0
Mozilla Firefox
Mozilla Firefox 19.0.2
Mozilla Firefox 19.0.1
Mozilla Firefox 23.0
Mozilla Firefox 21.0
Mozilla Firefox 20.0.1
1 EDB exploit
NA
CVE-2005-1787
setup.php in phpStat 1.5 allows remote malicious users to bypass authentication and gain administrator privileges by setting the $check variable.
Phpstat Phpstat -
3 EDB exploits
NA
CVE-2008-5589
SQL injection vulnerability in processlogin.asp in Katy Whitton RankEm allows remote malicious users to execute arbitrary SQL commands via the (1) txtusername parameter (aka username field) or the (2) txtpassword parameter (aka password field). NOTE: some of these details are obt...
Katywhitton Rankem
1 EDB exploit
NA
CVE-2009-0252
Multiple SQL injection vulnerabilities in default.asp in Enthrallweb eReservations allow remote malicious users to execute arbitrary SQL commands via the (1) Login parameter (aka username field) or the (2) Password parameter (aka password field). NOTE: some of these details are o...
Enthrallweb Ereservations
1 EDB exploit
9.8
CVSSv3
CVE-2021-33044
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
Dahuasecurity Ipc-hum7xxx Firmware
Dahuasecurity Ipc-hx3xxx Firmware
Dahuasecurity Ipc-hx5xxx Firmware
Dahuasecurity Sd1a1 Firmware
Dahuasecurity Sd22 Firmware
Dahuasecurity Sd41 Firmware
Dahuasecurity Sd50 Firmware
Dahuasecurity Sd52c Firmware
Dahuasecurity Sd6al Firmware
Dahuasecurity Tpc-bf1241 Firmware
Dahuasecurity Tpc-bf2221 Firmware
Dahuasecurity Tpc-bf5x01 Firmware
Dahuasecurity Tpc-pt8x21b Firmware
Dahuasecurity Tpc-sd2221 Firmware
Dahuasecurity Tpc-sd8x21 Firmware
Dahuasecurity Vto-65xxx Firmware
Dahuasecurity Vto-75x95x Firmware
Dahuasecurity Vth-542xh Firmware
Dahuasecurity Tpc-bf5x21 Firmware
19 Github repositories
9.8
CVSSv3
CVE-2021-33045
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
Dahuasecurity Ipc-hum7xxx Firmware
Dahuasecurity Ipc-hx3xxx Firmware
Dahuasecurity Ipc-hx5xxx Firmware
Dahuasecurity Nvr-1xxx Firmware
Dahuasecurity Nvr-2xxx Firmware
Dahuasecurity Nvr-4xxx Firmware
Dahuasecurity Nvr-5xxx Firmware
Dahuasecurity Nvr-6xx Firmware
Dahuasecurity Vth-542xh Firmware
Dahuasecurity Vto-65xxx Firmware
Dahuasecurity Vto-75x95x Firmware
Dahuasecurity Xvr-4x04 Firmware -
Dahuasecurity Xvr-4x08 Firmware
Dahuasecurity Xvr-4x04 Firmware
Dahuasecurity Xvr-5x04 Firmware
Dahuasecurity Xvr-5x08 Firmware
Dahuasecurity Xvr-5x16 Firmware
Dahuasecurity Xvr-7x16 Firmware
Dahuasecurity Xvr-7x32 Firmware
18 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »