Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an-http vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2021-31920
Istio prior to 1.8.6 and 1.9.x prior to 1.9.5 has a remotely exploitable vulnerability where an HTTP request path with multiple slashes or escaped slash characters (%2F or %5C) could potentially bypass an Istio authorization policy when path based authorization rules are used.
Istio Istio
668
VMScore
CVE-2001-0871
Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote malicious users to execute arbitrary commands via an HTTP request containing (1) a .. in versions 2.0 up to and including 2.6.18, or (2) a DOS device name followed by a .. i...
Alchemy Lab Alchemy Eye 2.1
Alchemy Lab Alchemy Eye 2.2
Alchemy Lab Alchemy Eye 3.0
Alchemy Lab Alchemy Eye 3.0.10
Dek Software Alchemy Network Monitor
Alchemy Lab Alchemy Eye 2.3
Alchemy Lab Alchemy Eye 2.4
Alchemy Lab Alchemy Eye 2.5
Alchemy Lab Alchemy Eye 2.6
Alchemy Lab Alchemy Eye 2.0
Alchemy Lab Alchemy Eye 2.6.18
Alchemy Lab Alchemy Eye 2.6.19
505
VMScore
CVE-2002-1828
Savant Webserver 3.1 allows remote malicious users to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value.
Savant Savant Webserver 3.1
1 EDB exploit
445
VMScore
CVE-2002-2240
Directory traversal vulnerability in MyServer 0.11 and 0.2 allows remote malicious users to read arbitrary files via a ".." (dot dot) in an HTTP GET request.
Myserver Myserver 0.11
Myserver Myserver 0.2
445
VMScore
CVE-2004-1609
SalesLogix 6.1 includes usernames, passwords, and other sensitive information in the headers of an HTTP response, which could allow remote malicious users to gain access.
Best Software Saleslogix
Saleslogix Corporation Saleslogix 2000.0
505
VMScore
CVE-2001-0189
Directory traversal vulnerability in LocalWEB2000 HTTP server allows remote malicious users to read arbitrary commands via a .. (dot dot) attack in an HTTP GET request.
Intranet-server Localweb2000 1.1
1 EDB exploit
445
VMScore
CVE-2005-0502
Directory traversal vulnerability in Xinkaa 1.0.3 and previous versions allows remote malicious users to read arbitrary files via (1) ../ and (2) ..\ characters in an HTTP request.
Xinkaa Web Station Xinkaa Web Station 1.0.3
505
VMScore
CVE-2002-1031
KeyFocus (KF) web server 1.0.2 allows remote malicious users to list directories and read restricted files via an HTTP request containing a %00 (null) character.
Key Focus Kf Web Server 1.0.2
1 EDB exploit
445
VMScore
CVE-2002-1035
Omnicron OmniHTTPd 2.09 allows remote malicious users to cause a denial of service (crash) via an HTTP request with a long, malformed HTTP 1version number.
Omnicron Omnihttpd 2.09
445
VMScore
CVE-2002-1928
602Pro LAN SUITE 2002 allows remote malicious users to view the directory tree via an HTTP GET request with a trailing "~" (tilde) or ".bak" extension.
Software602 602pro Lan Suite 2002
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »