Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

oliver karow vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2006-4305
Buffer overflow in SAP DB and MaxDB prior to 7.6.00.30 allows remote malicious users to execute arbitrary code via a long database name when connecting via a WebDBM client.
Mysql MaxdbSap-db Sap-db
NA
CVE-2004-2564
Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, allow remote malicious users to inject arbitrary web script or HTML via (1) the show parameter in show.asp and (2) the title parameter in showperf.asp...
Sambar Sambar Server 6.1
NA
CVE-2006-0254
Multiple cross-site scripting (XSS) vulnerabilities in Apache Geronimo 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) time parameter to cal2.jsp and (2) any invalid parameter, which causes an XSS when the log file is viewed by the Web-Access-L...
Apache Geronimo 1.0
NA
CVE-2005-1006
Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the URL or (2) the user login name, which is not filtered when the administrator views the log file.
Sonicwall Soho Firmware 5.1.7.0
NA
CVE-2004-2022
ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, when running on Windows systems, allows malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the system command, which leads to a stack-based buffe...
Activestate Activeperl 5.7.3Activestate Activeperl 5.8Activestate Activeperl 5.7.1Activestate Activeperl 5.7.2Activestate Activeperl 5.6.1Activestate Activeperl 5.6.1.630Activestate Activeperl 5.6.2Activestate Activeperl 5.6.3
NA
CVE-2005-2729
The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote malicious users to bypass firewall rules and connect to local services.
Astaro Security Linux 6.001
NA
CVE-2005-1118
Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the RSA Authentication Agent for Web 5.2 allows remote malicious users to inject arbitrary web script or HTML via the postdata parameter.
Rsa Authentication Agent For Web 5.2
NA
CVE-2005-0316
WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT requests to the localhost from external systems, which could allow remote malicious users to bypass intended access restrictions.
Webwasher Webwasher Classic 2.2.1Webwasher Webwasher Classic 3.3
NA
CVE-2003-1151
Cross-site scripting (XSS) vulnerability in Fastream NETFile Server 6.0.3.588 allows remote malicious users to inject arbitrary web script or HTML via the URL, which is displayed on a "404 Not Found" error page.
NA
CVE-2005-1708
templates.admin.users.user_form_processing in Blue Coat Reporter prior to 7.1.2 allows authenticated users to gain administrator privileges via an HTTP POST that sets volatile.user.administrator to true.
Bluecoat Reporter
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionfirmwareCVE-2006-4304CVE-2024-32878CVE-2024-31502XSSCVE-2024-3059CVE-2024-33692CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook