Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

matthew murphy vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2002-1455
Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow remote malicious users to insert script or HTML into web pages via (1) test.php, (2) test.shtml, or (3) redir.exe.
Omnicron Omnihttpd
NA
CVE-2002-2192
Cross-site scripting (XSS) vulnerability in Perception LiteServe 2.0.1 allows remote malicious users to execute arbitrary web script via (1) a Host: header when DNS wildcards are supported or (2) the query string in a "dir" request to indexed folders.
Perception Liteserve 2.0.1
NA
CVE-2002-2309
php.exe in PHP 3.0 up to and including 4.2.2, when running on Apache, does not terminate properly, which allows remote malicious users to cause a denial of service via a direct request without arguments.
Php Php 3.0.1Php Php 3.0.11Php Php 3.0.16Php Php 3.0.18Php Php 3.0.8Php Php 4.0Php Php 4.0.4Php Php 4.0.6Php Php 4.1.0Php Php 4.1.2Php Php 4.2.1Php Php 3.0.12Php Php 3.0.13Php Php 3.0.14Php Php 3.0.15Php Php 4.0.1Php Php 4.0.2Php Php 4.0.3Php Php 4.2.2Php Php 3.0.3Php Php 3.0.4Php Php 3.0.5
NA
CVE-2002-1457
SQL injection vulnerability in search.php for L-Forum 2.40 allows remote malicious users to execute arbitrary SQL statements via the search parameter.
Leszek Krupinski L-forum 2.4.0
NA
CVE-2002-1493
Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote malicious users to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag.
Lycos Htmlgear Guestgear
NA
CVE-2002-1497
Cross-site scripting (XSS) vulnerability in Null HTTP Server 0.5.0 and previous versions allows remote malicious users to insert arbitrary HTML into a "404 Not Found" response.
Nulllogic Null Httpd
NA
CVE-2002-1499
Multiple SQL injection vulnerabilities in FactoSystem CMS allows remote malicious users to perform unauthorized database actions via (1) the authornumber parameter in author.asp, (2) the discussblurbid parameter in discuss.asp, (3) the name parameter in holdcomment.asp, and (4) t...
Factosystem Factosystem Weblog 0.9bFactosystem Factosystem Weblog 1.0 BetaFactosystem Factosystem Weblog 1.1 Beta
NA
CVE-2003-0245
Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 up to and including 2.0.45 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML ...
Apache Http Server 2.0.42Apache Http Server 2.0.37Apache Http Server 2.0.44Apache Http Server 2.0.39Apache Http Server 2.0.41Apache Http Server 2.0.38Apache Http Server 2.0.45Apache Http Server 2.0.40Apache Http Server 2.0.43
NA
CVE-2002-1209
Directory traversal vulnerability in SolarWinds TFTP Server 5.0.55, and possibly earlier, allows remote malicious users to read arbitrary files via "..\" (dot-dot backslash) sequences in a GET request.
Solarwinds Tftp Server 5.0.55 Standard
NA
CVE-2002-1683
Cross-site scripting (XSS) vulnerability in BadBlue Personal Edition 1.7.3 allows remote malicious users to execute arbitrary script as other users by injecting script into the cleanSearchString() function.
Working Resources Inc. Badblue Personal 1.7.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook