Max CVSS 9.3 Min CVSS 3.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-11742 5.0
NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI.
13-09-2021 - 11:13 26-12-2018 - 21:29
CVE-2018-11741 5.0
NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=#####&GOTO(8) URIs.
13-09-2021 - 11:13 26-12-2018 - 21:29
CVE-2014-5006 7.5
Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. (dot dot) in the fileName parameter to mdm/mdmLogUploader.
17-01-2020 - 22:15 21-10-2014 - 15:55
CVE-2014-5005 7.5
Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. (dot dot) in the fileName parameter in an LFU action to statusUpdate.
17-01-2020 - 22:15 21-10-2014 - 15:55
CVE-2018-15716 9.0
NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root.
09-10-2019 - 23:35 30-11-2018 - 20:29
CVE-2018-19799 4.3
Dolibarr ERP/CRM through 8.0.3 has /exports/export.php?datatoexport= XSS.
14-01-2019 - 19:46 26-12-2018 - 21:29
CVE-2018-19750 3.5
DomainMOD through 4.11.01 has XSS via the admin/domain-fields/ notes field in an Add Custom Field action for Custom Domain Fields.
27-12-2018 - 17:57 29-11-2018 - 22:29
CVE-2018-19749 3.5
DomainMOD through 4.11.01 has XSS via the assets/add/account-owner.php Owner name field.
21-12-2018 - 14:50 29-11-2018 - 22:29
CVE-2018-19751 3.5
DomainMOD through 4.11.01 has XSS via the admin/ssl-fields/add.php notes field for Custom SSL Fields.
21-12-2018 - 14:49 29-11-2018 - 22:29
CVE-2018-19752 3.5
DomainMOD through 4.11.01 has XSS via the assets/add/registrar.php notes field for the Registrar.
21-12-2018 - 14:48 29-11-2018 - 22:29
CVE-2007-5603 9.3
Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allows remote attackers to execute arbitrary code via a long string in the second argument to the AddRouteEntry
15-10-2018 - 21:45 05-11-2007 - 18:46
Back to Top Mark selected
Back to Top