Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dflabs ptk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0918
Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 up to and including 1.0.4 allow remote malicious users to execute arbitrary commands in processes launched by PTK's Apache HTTP Server via (1) "external tools" or (2) a crafted forensic image.
Dflabs Ptk 1.0.4
Dflabs Ptk 1.0.2
Dflabs Ptk 1.0.3
Dflabs Ptk 1.0.0
Dflabs Ptk 1.0.1
NA
CVE-2009-0917
Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 up to and including 1.0.4 allows remote malicious users to inject arbitrary web script or HTML by providing a forensic image containing HTML documents, which are rendered in web browsers during inspection by PTK. NOTE: ...
Dflabs Ptk 1.0.0
Dflabs Ptk 1.0.1
Dflabs Ptk 1.0.2
Dflabs Ptk 1.0.3
Dflabs Ptk 1.0.4
NA
CVE-2008-6793
The get_file_type function in lib/file_content.php in DFLabs PTK 0.1, 0.2, and 1.0 allows remote malicious users to execute arbitrary commands via shell metacharacters after an arg1= sequence in a filename within a forensic image.
Dflabs Ptk 0.2
Dflabs Ptk 1.0
Dflabs Ptk 0.1
1 EDB exploit
NA
CVE-2012-1415
Cross-site request forgery (CSRF) vulnerability in lib/logout.php in DFLabs PTK 1.0.5 and previous versions allows remote malicious users to hijack the authentication of administrators or investigators for requests that trigger a logout.
Dflabs Ptk
1 EDB exploit
NA
CVE-2012-5901
DFLabs PTK 1.0.5 stores data files with predictable names under the web document root with insufficient access control, which allows remote malicious users to read logs, images, or reports via a direct request to the file in the (1) log, (2) images, or (3) report directory.
Dflabs Ptk 1.0.5
NA
CVE-2012-5902
Cross-site scripting (XSS) vulnerability in ptk/lib/modal_bookmark.php in DFLabs PTK 1.0.5 allows remote malicious users to inject arbitrary web script or HTML via the arg4 parameter.
Dflabs Ptk 1.0.5
NA
CVE-2009-0919
XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote malicious users to obtain access via (1) the "lampp" default password for the "nobody" account within the included ProFTPD installation, (2) a blank default pass...
Apachefriends Xampp 1.6.7
Apachefriends Xampp 1.6.6a
Apachefriends Xampp 1.6.0a
Apachefriends Xampp 1.6.0
Apachefriends Xampp 1.4.16
Apachefriends Xampp 1.6.8
Apachefriends Xampp 1.6.2
Apachefriends Xampp 1.6.1
Apachefriends Xampp 1.5.2
Apachefriends Xampp 1.5.1
Apachefriends Xampp 1.5.0
Apachefriends Xampp 1.4.10
Apachefriends Xampp 1.4.9
Apachefriends Xampp 1.4.2
Apachefriends Xampp 1.4
Apachefriends Xampp 1.6.6
Apachefriends Xampp 0.9
Apachefriends Xampp 0.8.2
Apachefriends Xampp 1.6.3a
Apachefriends Xampp 1.6.3
Apachefriends Xampp 1.5.4
Apachefriends Xampp 1.5.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started