Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matthew murphy vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1455
Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow remote malicious users to insert script or HTML into web pages via (1) test.php, (2) test.shtml, or (3) redir.exe.
Omnicron Omnihttpd
2 EDB exploits
NA
CVE-2002-2192
Cross-site scripting (XSS) vulnerability in Perception LiteServe 2.0.1 allows remote malicious users to execute arbitrary web script via (1) a Host: header when DNS wildcards are supported or (2) the query string in a "dir" request to indexed folders.
Perception Liteserve 2.0.1
2 EDB exploits
NA
CVE-2002-2309
php.exe in PHP 3.0 up to and including 4.2.2, when running on Apache, does not terminate properly, which allows remote malicious users to cause a denial of service via a direct request without arguments.
Php Php 3.0.1
Php Php 3.0.11
Php Php 3.0.16
Php Php 3.0.18
Php Php 3.0.8
Php Php 4.0
Php Php 4.0.4
Php Php 4.0.6
Php Php 4.1.0
Php Php 4.1.2
Php Php 4.2.1
Php Php 3.0.12
Php Php 3.0.13
Php Php 3.0.14
Php Php 3.0.15
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.2.2
Php Php 3.0.3
Php Php 3.0.4
Php Php 3.0.5
1 EDB exploit
NA
CVE-2002-1457
SQL injection vulnerability in search.php for L-Forum 2.40 allows remote malicious users to execute arbitrary SQL statements via the search parameter.
Leszek Krupinski L-forum 2.4.0
1 EDB exploit
NA
CVE-2002-1493
Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote malicious users to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag.
Lycos Htmlgear Guestgear
1 EDB exploit
NA
CVE-2002-1497
Cross-site scripting (XSS) vulnerability in Null HTTP Server 0.5.0 and previous versions allows remote malicious users to insert arbitrary HTML into a "404 Not Found" response.
Nulllogic Null Httpd
1 EDB exploit
NA
CVE-2002-1499
Multiple SQL injection vulnerabilities in FactoSystem CMS allows remote malicious users to perform unauthorized database actions via (1) the authornumber parameter in author.asp, (2) the discussblurbid parameter in discuss.asp, (3) the name parameter in holdcomment.asp, and (4) t...
Factosystem Factosystem Weblog 0.9b
Factosystem Factosystem Weblog 1.0 Beta
Factosystem Factosystem Weblog 1.1 Beta
1 EDB exploit
NA
CVE-2003-0245
Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 up to and including 2.0.45 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML ...
Apache Http Server 2.0.42
Apache Http Server 2.0.37
Apache Http Server 2.0.44
Apache Http Server 2.0.39
Apache Http Server 2.0.41
Apache Http Server 2.0.38
Apache Http Server 2.0.45
Apache Http Server 2.0.40
Apache Http Server 2.0.43
1 EDB exploit
NA
CVE-2002-1209
Directory traversal vulnerability in SolarWinds TFTP Server 5.0.55, and possibly earlier, allows remote malicious users to read arbitrary files via "..\" (dot-dot backslash) sequences in a GET request.
Solarwinds Tftp Server 5.0.55 Standard
1 EDB exploit
NA
CVE-2002-1683
Cross-site scripting (XSS) vulnerability in BadBlue Personal Edition 1.7.3 allows remote malicious users to execute arbitrary script as other users by injecting script into the cleanSearchString() function.
Working Resources Inc. Badblue Personal 1.7.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »