Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
diesel diesel vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-28305
An issue exists in the diesel crate prior to 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3_column_name are not followed.
Diesel Diesel
7.5
CVSSv2
CVE-2008-6467
SQL injection vulnerability in jobs/jobseekers/job-info.php in Diesel Job Site allows remote malicious users to execute arbitrary SQL commands via the job_id parameter.
Dieselscripts Diesel Job Site
1 EDB exploit
7.5
CVSSv2
CVE-2008-6468
SQL injection vulnerability in index.php in Diesel Pay allows remote malicious users to execute arbitrary SQL commands via the area parameter in a browse action.
Dieselscripts Diesel Pay -
1 EDB exploit
7.5
CVSSv2
CVE-2008-4150
SQL injection vulnerability in picture_category.php in Diesel Joke Site allows remote malicious users to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-3763.
Dieselscripts Diesel Joke Site
1 EDB exploit
5.8
CVSSv2
CVE-2007-4843
Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 build 565 and 573 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder.
X-diesel Unreal Commander 0.92 Build573
X-diesel Unreal Commander 0.92 Build565
1 EDB exploit
4.3
CVSSv2
CVE-2007-4844
X-Diesel Unreal Commander 0.92 build 565 and 573 does not properly react to an FTP server's behavior after sending a "CWD /" command, which allows remote FTP servers to cause a denial of service (infinite loop) by (1) repeatedly sending a 550 error response, or (2)...
X-diesel Unreal Commander 0.92 Build565
X-diesel Unreal Commander 0.92 Build573
6.8
CVSSv2
CVE-2007-4545
Multiple directory traversal vulnerabilities in Unreal Commander 0.92 build 565 and 573 allow user-assisted remote malicious users to create or overwrite arbitrary files via a .. (dot dot) in a filename within a (1) ZIP or (2) RAR archive.
X-diesel Unreal Commander 0.92 Build565
X-diesel Unreal Commander 0.92 Build573
1 EDB exploit
5.8
CVSSv2
CVE-2007-4546
Unreal Commander 0.92 build 565 and 573 lists the filenames from the Central Directory of a ZIP archive, but extracts to local filenames corresponding to names in Local File Header fields in this archive, which might allow remote malicious users to trick a user into performing a ...
X-diesel Unreal Commander 0.92 Build573
X-diesel Unreal Commander 0.92 Build565
4.3
CVSSv2
CVE-2007-4547
Unreal Commander 0.92 build 565 and 573 writes portions of heap memory into local files when extracting from an archive with malformed size information in a file header, which might allow user-assisted malicious users to obtain sensitive information (memory contents) by reading t...
X-diesel Unreal Commander 0.92 Build565
X-diesel Unreal Commander 0.92 Build573
7.5
CVSSv2
CVE-2006-4357
PHP remote file inclusion vulnerability in clients/index.php in Diesel Smart Traffic allows remote malicious users to execute arbitrary PHP code via a URL in the src parameter.
Dieselscripts Diesel Smart Traffic
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »