Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
badblue badblue vulnerabilities and exploits
(subscribe to this query)
765
VMScore
CVE-2007-6377
Stack-based buffer overflow in the PassThru functionality in ext.dll in BadBlue 2.72b and previous versions allows remote malicious users to execute arbitrary code via a long query string.
Badblue Badblue
3 EDB exploits
755
VMScore
CVE-2007-6378
Directory traversal vulnerability in upload.dll in BadBlue 2.72b and previous versions allows remote malicious users to create or overwrite arbitrary files via a .. (dot dot) in the filename parameter.
Badblue Badblue
1 EDB exploit
505
VMScore
CVE-2007-6379
BadBlue 2.72b and previous versions allows remote malicious users to obtain sensitive information via an invalid browse parameter, which reveals the installation path in an error message.
Badblue Badblue
1 EDB exploit
668
VMScore
CVE-2008-2003
BadBlue 2.72 Personal Edition stores multiple programs in the web document root with insufficient access control, which allows remote malicious users to (1) cause a denial of service via multiple invocations of uninst.exe, and have an unknown impact via (2) badblue.exe and (3) dy...
Badblue Badblue 2.72
668
VMScore
CVE-2002-0326
Cross-site scripting vulnerability in BadBlue prior to 1.6.1 beta allows remote malicious users to execute arbitrary script and possibly additional commands via a URL that contains Javascript.
Working Resources Inc. Badblue 1.2.7
Working Resources Inc. Badblue 1.2.8
Working Resources Inc. Badblue 1.5
Working Resources Inc. Badblue 1.5.6 Beta
Working Resources Inc. Badblue 1.6.1 Beta
755
VMScore
CVE-2002-2170
Working Resources Inc. BadBlue Enterprise Edition 1.7 up to and including 1.74 attempts to restrict administrator actions to the IP address of the local host, but does not provide additional authentication, which allows remote malicious users to execute arbitrary code via a web p...
Working Resources Inc. Badblue Enterprise 1.7
Working Resources Inc. Badblue Enterprise 1.7.2
Working Resources Inc. Badblue Enterprise 1.7.3
Working Resources Inc. Badblue Enterprise 1.7.4
1 EDB exploit
435
VMScore
CVE-2002-1685
Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition and Personal Edition 1.7 and 1.7.2 allows remote malicious users to execute arbitrary script as other users by injecting script into ext.dll ISAPI.
Working Resources Inc. Badblue Enterprise 1.7.2
Working Resources Inc. Badblue Personal 1.7
Working Resources Inc. Badblue Personal 1.7.2
1 EDB exploit
505
VMScore
CVE-2002-0325
Directory traversal vulnerability in BadBlue prior to 1.6.1 allows remote malicious users to read arbitrary files via a ... (modified dot dot) in the URL.
Working Resources Inc. Badblue 1.5.6 Beta
Working Resources Inc. Badblue 1.6 Beta
1 EDB exploit
505
VMScore
CVE-2002-1021
BadBlue server allows remote malicious users to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte.
Working Resources Inc. Badblue 1.7.3 Enterprise
Working Resources Inc. Badblue 1.7.3 Personal
1 EDB exploit
668
VMScore
CVE-2002-1022
BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote malicious users to gain privileges.
Working Resources Inc. Badblue 1.7.3 Enterprise
Working Resources Inc. Badblue 1.7.3 Personal
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »