Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
the-ghost vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2009-3218
SQL injection vulnerability in control/login.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
The-ghost Ar Web Content Manager 2.1
1 EDB exploit
6.8
CVSSv2
CVE-2009-3219
Directory traversal vulnerability in a.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the a parameter.
The-ghost Ar Web Content Manager 2.1
1 EDB exploit
5
CVSSv2
CVE-2010-1066
AR Web Content Manager (AWCM) 2.1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for control/db_backup.php.
The-ghost Ar Web Content Manager 2.1
1 EDB exploit
4
CVSSv2
CVE-2016-10983
The ghost plugin prior to 0.5.6 for WordPress has no access control for wp-admin/tools.php?ghostexport=true downloads of exported data.
Ghost Ghost
5
CVSSv2
CVE-2001-0598
Symantec Ghost 6.5 and previous versions allows a remote malicious user to create a denial of service by sending large (> 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled.
Symantec Norton Ghost
10
CVSSv2
CVE-2008-0640
Symantec Ghost Solution Suite 1.1 prior to 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connections between the console and the Ghost Management Agent, which allows remote malicious users to execute arbitrary commands via unspecified RPC requests in conjunction with ARP sp...
Symantec Ghost Solutions Suite 1.1
Symantec Ghost Solutions Suite 2.0.0
Symantec Ghost Solutions Suite 2.0.1
10
CVSSv2
CVE-2020-35185
The official ghost docker images prior to 2.16.1-alpine (Alpine specific) contain a blank password for a root user. System using the ghost docker container deployed by affected versions of the docker image may allow a remote malicious user to achieve root access with a blank pass...
Docker Ghost Alpine Docker Image
NA
CVE-2022-30698
NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns del...
Nlnetlabs Unbound
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2022-30699
NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation information is about...
Nlnetlabs Unbound
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2022-3204
A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack star...
Nlnetlabs Unbound
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started