Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rafel ivgi the-insider vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-2104
Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote malicious users to obtain sensitive server information, including the internal IP address, via a direct request to (1) snoop.jsp, (2) SnoopServlet, (3) env.bas, or (4) lcgitest.nlm.
Novell Netware 5.1
Novell Netware 6.0
3 EDB exploits
NA
CVE-2004-1947
The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender Scan Online allows remote malicious users to (1) obtain sensitive information such as system drives and contents or (2) use the RequestFile method to download and execute arbitrary code via an object codebase th...
Softwin Bitdefender
2 EDB exploits
NA
CVE-2004-2094
Cross-site scripting (XSS) vulnerability in WebcamXP 1.06.945 allows remote malicious users to inject arbitrary HTML or web script as other users via a URL that contains the script.
Darkwet Webcam Xp 1.6.945
1 EDB exploit
NA
CVE-2004-2745
Directory traversal vulnerability in Anteco Visual Technologies OwnServer 1.0 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in a URL.
Anteco Visual Technologies Ownserver
1 EDB exploit
NA
CVE-2004-2121
Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and previous versions allow remote malicious users to read and download arbitrary files via (1) multi-dot "......" sequences, or (2) "%5c%2e%2e" (encoded "\..") sequences,...
Borland Software Web Server For Corel Paradox
1 EDB exploit
NA
CVE-2004-0337
Cross-site scripting (XSS) vulnerability in LAN SUITE Web Mail 602Pro allows remote malicious users to execute arbitrary script or HTML as other users via a URL to index.html, followed by a / (slash) and the desired script. NOTE: the vendor states that this bug could not be repro...
Software602 602pro Lan Suite 2002
Software602 602pro Lan Suite 2003
1 EDB exploit
NA
CVE-2004-1813
VocalTec VGW4/8 Gateway 8.0 allows remote malicious users to bypass authentication via an HTTP request to home.asp with a trailing slash (/).
Vocaltec Vgw4 8 Telephony Gateway 8.0
1 EDB exploit
NA
CVE-2004-1904
Buffer overflow in ascontrol.dll in Panda ActiveScan 5.0 allows remote malicious users to execute arbitrary code via the Internacional property followed by a long string.
Panda Activescan 5.0
1 EDB exploit
NA
CVE-2004-0358
Cross-site scripting (XSS) vulnerability in VirtuaNews Admin Panel Pro 1.0.3 allows remote malicious users to execute arbitrary script as other users via (1) the mainnews parameter in admin.php, (2) the expand parameter in admin.php, (3) the id parameter in admin.php, (4) the cat...
Virtuasystems Virtuanews Pro 1.0
Virtuasystems Virtuanews Pro 1.0.1
Virtuasystems Virtuanews Pro 1.0.2
Virtuasystems Virtuanews Pro 1.0.3
1 EDB exploit
NA
CVE-2004-1910
rufsi.dll in Symantec Virus Detection allows remote malicious users to cause a denial of service (crash) via a long string to the GetPrivateProfileString function. NOTE: this issue was originally reported as a buffer overflow, but that specific claim is disputed by the vendor, al...
Symantec Security Check Virus Detection
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »