Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an-http vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-31920
Istio prior to 1.8.6 and 1.9.x prior to 1.9.5 has a remotely exploitable vulnerability where an HTTP request path with multiple slashes or escaped slash characters (%2F or %5C) could potentially bypass an Istio authorization policy when path based authorization rules are used.
Istio Istio
NA
CVE-2001-0871
Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote malicious users to execute arbitrary commands via an HTTP request containing (1) a .. in versions 2.0 up to and including 2.6.18, or (2) a DOS device name followed by a .. i...
Alchemy Lab Alchemy Eye 2.6.19
Alchemy Lab Alchemy Eye 2.1
Alchemy Lab Alchemy Eye 2.6.18
Alchemy Lab Alchemy Eye 2.5
Alchemy Lab Alchemy Eye 3.0.10
Alchemy Lab Alchemy Eye 2.2
Alchemy Lab Alchemy Eye 2.3
Alchemy Lab Alchemy Eye 2.0
Alchemy Lab Alchemy Eye 2.6
Alchemy Lab Alchemy Eye 2.4
Alchemy Lab Alchemy Eye 3.0
Dek Software Alchemy Network Monitor
NA
CVE-2004-2221
Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows remote malicious users to execute arbitrary code via a long parameter in an HTTP GET request.
Mercantec Softcart 4.00b
2 EDB exploits
NA
CVE-2001-1050
CCCSoftware CCC PHP script allows remote malicious users to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
Cccsoftware Ccc 0.98
Cccsoftware Ccc 0.94
Cccsoftware Ccc 0.92
Cccsoftware Ccc 1.0
Cccsoftware Ccc 0.96
Cccsoftware Ccc 1.03
Cccsoftware Ccc 0.97
Cccsoftware Ccc 0.91
Cccsoftware Ccc 0.99
Cccsoftware Ccc 1.02
Cccsoftware Ccc 0.95
NA
CVE-2001-1089
libnss-pgsql in nss-pgsql 0.9.0 and previous versions allows remote malicious users to execute arbitrary SQL queries by inserting SQL code into an HTTP request.
Alessandro Gardich Nss Postgresql 0.6.1
Joerg Wendland Libnss-pgsql 0.9.0
NA
CVE-2001-1232
GroupWise WebAccess 5.5 with directory indexing enabled allows a remote malicious user to view arbitrary directory contents via an HTTP request with a lowercase "get".
Novell Groupwise 5.5
NA
CVE-2002-1828
Savant Webserver 3.1 allows remote malicious users to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value.
Savant Savant Webserver 3.1
1 EDB exploit
NA
CVE-2002-2240
Directory traversal vulnerability in MyServer 0.11 and 0.2 allows remote malicious users to read arbitrary files via a ".." (dot dot) in an HTTP GET request.
Myserver Myserver 0.11
Myserver Myserver 0.2
NA
CVE-2002-1928
602Pro LAN SUITE 2002 allows remote malicious users to view the directory tree via an HTTP GET request with a trailing "~" (tilde) or ".bak" extension.
Software602 602pro Lan Suite 2002
NA
CVE-2002-2012
Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote malicious users to cause "unexpected results" via an HTTP request.
Apache Http Server 1.3.19
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5841
file upload
man-in-the-middle
arbitrary
CVE-2024-27801
CVE-2024-28020
CVE-2024-30080
CVE-2024-30069
CVE-2024-5843
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »