Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

dflabs ptk vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2009-0918
Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 up to and including 1.0.4 allow remote malicious users to execute arbitrary commands in processes launched by PTK's Apache HTTP Server via (1) "external tools" or (2) a crafted forensic image.
Dflabs Ptk 1.0.4Dflabs Ptk 1.0.2Dflabs Ptk 1.0.3Dflabs Ptk 1.0.0Dflabs Ptk 1.0.1
NA
CVE-2009-0917
Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 up to and including 1.0.4 allows remote malicious users to inject arbitrary web script or HTML by providing a forensic image containing HTML documents, which are rendered in web browsers during inspection by PTK. NOTE: ...
Dflabs Ptk 1.0.0Dflabs Ptk 1.0.1Dflabs Ptk 1.0.2Dflabs Ptk 1.0.3Dflabs Ptk 1.0.4
NA
CVE-2008-6793
The get_file_type function in lib/file_content.php in DFLabs PTK 0.1, 0.2, and 1.0 allows remote malicious users to execute arbitrary commands via shell metacharacters after an arg1= sequence in a filename within a forensic image.
Dflabs Ptk 0.2Dflabs Ptk 1.0Dflabs Ptk 0.1
NA
CVE-2012-1415
Cross-site request forgery (CSRF) vulnerability in lib/logout.php in DFLabs PTK 1.0.5 and previous versions allows remote malicious users to hijack the authentication of administrators or investigators for requests that trigger a logout.
Dflabs Ptk
NA
CVE-2012-5901
DFLabs PTK 1.0.5 stores data files with predictable names under the web document root with insufficient access control, which allows remote malicious users to read logs, images, or reports via a direct request to the file in the (1) log, (2) images, or (3) report directory.
Dflabs Ptk 1.0.5
NA
CVE-2012-5902
Cross-site scripting (XSS) vulnerability in ptk/lib/modal_bookmark.php in DFLabs PTK 1.0.5 allows remote malicious users to inject arbitrary web script or HTML via the arg4 parameter.
Dflabs Ptk 1.0.5
NA
CVE-2009-0919
XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote malicious users to obtain access via (1) the "lampp" default password for the "nobody" account within the included ProFTPD installation, (2) a blank default pass...
Apachefriends Xampp 1.6.7Apachefriends Xampp 1.6.6aApachefriends Xampp 1.6.0aApachefriends Xampp 1.6.0Apachefriends Xampp 1.4.16Apachefriends Xampp 1.6.8Apachefriends Xampp 1.6.2Apachefriends Xampp 1.6.1Apachefriends Xampp 1.5.2Apachefriends Xampp 1.5.1Apachefriends Xampp 1.5.0Apachefriends Xampp 1.4.10Apachefriends Xampp 1.4.9Apachefriends Xampp 1.4.2Apachefriends Xampp 1.4Apachefriends Xampp 1.6.6Apachefriends Xampp 0.9Apachefriends Xampp 0.8.2Apachefriends Xampp 1.6.3aApachefriends Xampp 1.6.3Apachefriends Xampp 1.5.4Apachefriends Xampp 1.5.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypassopen redirectCVE-2024-4358CVE-2024-24199CVE-2024-5550CVE-2024-5305CVE-2024-30373CVE-2024-1800deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook