Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-27468
Monstaftp v2.10.3 exists to contain an arbitrary file upload which allows malicious users to execute arbitrary code via a crafted file uploaded to the web server.
Monstaftp Monsta Ftp 2.10.3
9.8
CVSSv3
CVE-2022-23457
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, the default implementation of `Validator.getValidDirectoryPath(String, String, File, boolean)` may incorrectly treat the tested input string as a ...
Owasp Enterprise Security Api
Oracle Weblogic Server 12.2.1.3.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Netapp Oncommand Workflow Automation -
Netapp Active Iq Unified Manager -
9.8
CVSSv3
CVE-2022-29464
Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/ser...
Wso2 Identity Server Analytics 5.5.0
Wso2 Identity Server Analytics 5.4.1
Wso2 Identity Server Analytics 5.6.0
Wso2 Identity Server Analytics 5.4.0
Wso2 Api Manager
Wso2 Identity Server
Wso2 Enterprise Integrator
Wso2 Identity Server As Key Manager
31 Github repositories
9.8
CVSSv3
CVE-2021-32974
Improper input validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote malicious user to execute commands.
Moxa Nport Iaw5150a-6i\\/o Firmware
Moxa Nport Iaw5150a-12i\\/o Firmware
Moxa Nport Iaw5250a-6i\\/o Firmware
Moxa Nport Iaw5250a-12i\\/o Firmware
9.8
CVSSv3
CVE-2021-32976
Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote malicious user to initiate a denial-of-service attack and execute arbitrary code.
Moxa Nport Iaw5150a-6i\\/o Firmware
Moxa Nport Iaw5150a-12i\\/o Firmware
Moxa Nport Iaw5250a-6i\\/o Firmware
Moxa Nport Iaw5250a-12i\\/o Firmware
9.8
CVSSv3
CVE-2021-25003
The WPCargo Track & Trace WordPress plugin prior to 6.9.0 contains a file which could allow unauthenticated malicious users to write a PHP file anywhere on the web server, leading to RCE
Wptaskforce Wpcargo Track \\& Trace
1 Github repository
9.8
CVSSv3
CVE-2022-22720
Apache HTTP Server 2.4.52 and previous versions fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Zfs Storage Appliance Kit 8.8
Apple Macos
Apple Mac Os X 10.15.7
9.8
CVSSv3
CVE-2021-45887
An issue exists in PONTON X/P Messenger prior to 3.11.2. Due to path traversal in private/SchemaSetUpload.do for uploaded ZIP files, an executable script can be uploaded by web application administrators, giving the attacker remote code execution on the underlying server via an i...
Ponton X\\/p Messenger 3.8.0
Ponton X\\/p Messenger 3.10.0
9.8
CVSSv3
CVE-2022-0766
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web before 0.6.17.
Calibre-web Project Calibre-web
9.8
CVSSv3
CVE-2021-32586
An improper input validation vulnerability in the web server CGI facilities of FortiMail prior to 7.0.1 may allow an unauthenticated malicious user to alter the environment of the underlying script interpreter via specifically crafted HTTP requests.
Fortinet Fortimail
Fortinet Fortimail 7.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »