Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bypass vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-7237
lib/TWiki/Sandbox.pm in TWiki 6.0.0 and previous versions, when running on Windows, allows remote malicious users to bypass intended access restrictions and upload files with restricted names via a null byte (%00) in a filename to bin/upload.cgi, as demonstrated using .htaccess t...
Twiki Twiki
Microsoft Windows -
NA
CVE-2009-0297
SQL injection vulnerability in login_check.asp in ClickAuction allows remote malicious users to execute arbitrary SQL commands via the (1) txtEmail and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information.
Clicktech Clickauction Nil
1 EDB exploit
NA
CVE-2009-1804
Multiple SQL injection vulnerabilities in admin/index.php in VideoScript.us YouTube Video Script allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Videoscript Youtube Video Script -
1 EDB exploit
NA
CVE-2009-4870
Multiple SQL injection vulnerabilities in login.php in PHPCityPortal allow remote malicious users to execute arbitrary SQL commands via the (1) req_username (aka Username) and (2) req_password (aka Password) parameters. NOTE: some of these details are obtained from third party in...
Phpcityportal Phpcityportal
1 EDB exploit
NA
CVE-2012-0913
SQL injection vulnerability in checklogin.aspx in ICloudCenter ICTimeAttendance 1.0 allows remote malicious users to execute arbitrary SQL commands via the passw parameter. NOTE: Some of these details are obtained from third party information.
Icloudcenter Ictimeattendance 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2020-17506
Artica Web Proxy 4.30.00000000 allows remote malicious user to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php.
Articatech Web Proxy 4.30.000000
1 Github repository
NA
CVE-2008-5632
SQL injection vulnerability in Account.asp in Active Time Billing 3.2 allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party informa...
Activewebsoftwares Active Time Billing 3.2
2 EDB exploits
NA
CVE-2012-5469
The Portable phpMyAdmin plugin prior to 1.3.1 for WordPress allows remote malicious users to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.
Phpmyadmin Phpmyadmin 1.2.7
Phpmyadmin Phpmyadmin 1.2.6
Phpmyadmin Phpmyadmin 1.2.5
Phpmyadmin Phpmyadmin 1.2.4
Phpmyadmin Phpmyadmin 1.0.1
Phpmyadmin Phpmyadmin 1.0.0
Phpmyadmin Phpmyadmin 1.3
Phpmyadmin Phpmyadmin 1.2.9.5
Phpmyadmin Phpmyadmin 1.2.9.4
Phpmyadmin Phpmyadmin 1.2.9.3
Phpmyadmin Phpmyadmin 1.1
Phpmyadmin Phpmyadmin 1.0.8
Phpmyadmin Phpmyadmin 1.0.7
Phpmyadmin Phpmyadmin 1.0.6
Phpmyadmin Phpmyadmin 1.2.9.1
Phpmyadmin Phpmyadmin 1.2.8
Phpmyadmin Phpmyadmin 1.2.3
Phpmyadmin Phpmyadmin 1.2.1
Phpmyadmin Phpmyadmin 1.0.5
Phpmyadmin Phpmyadmin 1.0.3
Phpmyadmin Phpmyadmin 1.2.9.2
Phpmyadmin Phpmyadmin 1.2.9
1 EDB exploit
9.8
CVSSv3
CVE-2018-11094
An issue exists on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, passwo...
Intelbras Ncloud 300 Firmware 1.0
1 EDB exploit
6.1
CVSSv3
CVE-2012-1915
EllisLab CodeIgniter 2.1.2 allows remote malicious users to bypass the xss_clean() Filter and perform XSS attacks.
Codeigniter Codeigniter
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »