#ExploitObserverAlert
CVE-2022-4962
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2022-4962. A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /users of the component Configuration Center. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. VDB-250430 is the identifier assigned to this vulnerability. NOTE: The maintainer explains that user data information like user id, name, and email are not sensitive.
CVE-2022-4962
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2022-4962. A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /users of the component Configuration Center. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. VDB-250430 is the identifier assigned to this vulnerability. NOTE: The maintainer explains that user data information like user id, name, and email are not sensitive.
#ExploitObserverAlert
CVE-2024-22206
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-22206. Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.
CVE-2024-22206
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-22206. Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.
#ExploitObserverAlert
CVE-2023-6448
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2023-6448. Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system.
FIRST-EPSS: 0.068430000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-6448
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2023-6448. Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system.
FIRST-EPSS: 0.068430000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-12962
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2019-12962. LiveZilla Server before 8.0.1.1 is vulnerable to XSS in mobile/index.php via the Accept-Language HTTP header.
FIRST-EPSS: 0.206890000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2019-12962
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2019-12962. LiveZilla Server before 8.0.1.1 is vulnerable to XSS in mobile/index.php via the Accept-Language HTTP header.
FIRST-EPSS: 0.206890000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-51806
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2023-51806. File Upload vulnerability in Ujcms v.8.0.2 allows a local attacker to execute arbitrary code via a crafted file.
CVE-2023-51806
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2023-51806. File Upload vulnerability in Ujcms v.8.0.2 allows a local attacker to execute arbitrary code via a crafted file.
#ExploitObserverAlert
CVE-2021-44152
DESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to CVE-2021-44152. An issue was discovered in Reprise RLM 14.2. Because /goform/change_password_process does not verify authentication or authorization, an unauthenticated user can change the password of any existing user. This allows an attacker to change the password of any known user, thereby preventing valid users from accessing the system and granting the attacker full access to that user's account.
FIRST-EPSS: 0.865970000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-44152
DESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to CVE-2021-44152. An issue was discovered in Reprise RLM 14.2. Because /goform/change_password_process does not verify authentication or authorization, an unauthenticated user can change the password of any existing user. This allows an attacker to change the password of any known user, thereby preventing valid users from accessing the system and granting the attacker full access to that user's account.
FIRST-EPSS: 0.865970000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-35413
DESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to CVE-2022-35413. WAPPLES through 6.0 has a hardcoded systemi account. A threat actor could use this account to access the system configuration and confidential information (such as SSL keys) via an HTTPS request to the /webapi/ URI on port 443 or 5001.
FIRST-EPSS: 0.622570000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-35413
DESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to CVE-2022-35413. WAPPLES through 6.0 has a hardcoded systemi account. A threat actor could use this account to access the system configuration and confidential information (such as SSL keys) via an HTTPS request to the /webapi/ URI on port 443 or 5001.
FIRST-EPSS: 0.622570000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-31747
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2023-31747. Wondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges.
FIRST-EPSS: 0.000520000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-31747
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2023-31747. Wondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges.
FIRST-EPSS: 0.000520000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-12583
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2019-12583. Missing Access Control in the "Free Time" component of several Zyxel UAG, USG, and ZyWall devices allows a remote attacker to generate guest accounts by directly accessing the account generator. This can lead to unauthorised network access or Denial of Service.
FIRST-EPSS: 0.004810000
NVD-IS: 5.2
NVD-ES: 3.9
CVE-2019-12583
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2019-12583. Missing Access Control in the "Free Time" component of several Zyxel UAG, USG, and ZyWall devices allows a remote attacker to generate guest accounts by directly accessing the account generator. This can lead to unauthorised network access or Denial of Service.
FIRST-EPSS: 0.004810000
NVD-IS: 5.2
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-44515
DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2021-44515. Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3. For MSP builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For MSP builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3.
FIRST-EPSS: 0.972330000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-44515
DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2021-44515. Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3. For MSP builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For MSP builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3.
FIRST-EPSS: 0.972330000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-19368
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2019-19368. A Reflected Cross Site Scripting was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by sending a crafted link to end users and can execute arbitrary Javascripts
FIRST-EPSS: 0.006240000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2019-19368
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2019-19368. A Reflected Cross Site Scripting was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by sending a crafted link to end users and can execute arbitrary Javascripts
FIRST-EPSS: 0.006240000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-44427
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2021-44427. An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis) before 8.1.1 allows remote attackers to execute PostgreSQL statements (e.g., SELECT, INSERT, UPDATE, and DELETE) through /Side.php via the syear parameter.
FIRST-EPSS: 0.021950000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-44427
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2021-44427. An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis) before 8.1.1 allows remote attackers to execute PostgreSQL statements (e.g., SELECT, INSERT, UPDATE, and DELETE) through /Side.php via the syear parameter.
FIRST-EPSS: 0.021950000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-19625
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2020-19625. Remote Code Execution Vulnerability in tests/support/stores/test_grid_filter.php in oria gridx 1.3, allows remote attackers to execute arbitrary code, via crafted value to the $query parameter.
FIRST-EPSS: 0.787770000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-19625
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2020-19625. Remote Code Execution Vulnerability in tests/support/stores/test_grid_filter.php in oria gridx 1.3, allows remote attackers to execute arbitrary code, via crafted value to the $query parameter.
FIRST-EPSS: 0.787770000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-51062
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-51062. An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE_3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted command.
CVE-2023-51062
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-51062. An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE_3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted command.
#ExploitObserverAlert
CVE-2020-27361
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2020-27361. An issue exists within Akkadian Provisioning Manager 4.50.02 which allows attackers to view sensitive information within the /pme subdirectories.
FIRST-EPSS: 0.031400000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2020-27361
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2020-27361. An issue exists within Akkadian Provisioning Manager 4.50.02 which allows attackers to view sensitive information within the /pme subdirectories.
FIRST-EPSS: 0.031400000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-49801
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2023-49801. Lif Auth Server is a server for validating logins, managing information, and account recovery for Lif Accounts. The issue relates to the `get_pfp` and `get_banner` routes on Auth Server. The issue is that there is no check to ensure that the file that Auth Server is receiving through these URLs is correct. This could allow an attacker access to files they shouldn't have access to. This issue has been patched in version 1.4.0.
CVE-2023-49801
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2023-49801. Lif Auth Server is a server for validating logins, managing information, and account recovery for Lif Accounts. The issue relates to the `get_pfp` and `get_banner` routes on Auth Server. The issue is that there is no check to ensure that the file that Auth Server is receiving through these URLs is correct. This could allow an attacker access to files they shouldn't have access to. This issue has been patched in version 1.4.0.
#ExploitObserverAlert
CVE-2023-46805
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2023-46805. An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
NVD-IS: 4.2
NVD-ES: 3.9
CVE-2023-46805
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2023-46805. An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
NVD-IS: 4.2
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-27467
DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2020-27467. A Directory Traversal vulnerability exits in Processwire CMS before 2.7.1 via the download parameter to index.php.
FIRST-EPSS: 0.010980000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2020-27467
DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2020-27467. A Directory Traversal vulnerability exits in Processwire CMS before 2.7.1 via the download parameter to index.php.
FIRST-EPSS: 0.010980000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2024-23301
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-23301. Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root.
CVE-2024-23301
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-23301. Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root.
#ExploitObserverAlert
CVE-2023-6875
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2023-6875. The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to reset the API key used to authenticate to the mailer and view logs, including password reset emails, allowing site takeover.
CVE-2023-6875
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2023-6875. The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to reset the API key used to authenticate to the mailer and view logs, including password reset emails, allowing site takeover.
#ExploitObserverAlert
GHSA-h374-mm57-879c
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-H374-MM57-879C. The OrderAndPaginate function is used to order and paginate data. It is defined as follows:
GHSS: 7.0
GHSA-h374-mm57-879c
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-H374-MM57-879C. The OrderAndPaginate function is used to order and paginate data. It is defined as follows:
GHSS: 7.0