Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
directory pro vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2010-1534
Directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) component for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
Joomla.batjo Com Shoutbox
Joomla.batjo Com Shoutbox 1.2
Joomla.batjo Com Shoutbox 1.3
1 EDB exploit
9.3
CVSSv2
CVE-2008-6734
Directory traversal vulnerability in Public/index.php in Keller Web Admin CMS 0.94 Pro allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the action parameter.
Keller Web Admin Kwa 0.94
2 EDB exploits
5
CVSSv2
CVE-2007-0664
thttpd prior to 2.25b-r6 in Gentoo Linux is started from the system root directory (/) by the Gentoo baselayout 1.12.6 package, which allows remote malicious users to read arbitrary files.
Acme Labs Thttpd
7.2
CVSSv2
CVE-2007-0333
Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifyi...
Agnitum Outpost Firewall 4.0
1 EDB exploit
6.8
CVSSv2
CVE-2006-1278
SQL injection vulnerability in @1 File Store 2006.03.07 allows remote malicious users to execute arbitrary SQL commands via the id parameter to (1) functions.php and (2) user.php in the libs directory, (3) edit.php and (4) delete.php in control/files/, (5) edit.php and (6) delete...
Upoint @1 File Store 2006.03.07
1 EDB exploit
4
CVSSv2
CVE-2021-28197
The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally te...
Asus Asmb9-ikvm Firmware 1.11.12
Asus Rs720a-e9-rs24-e Firmware 1.10.3
Asus Rs700a-e9-rs4 Firmware 1.10.0
Asus Rs700-e9-rs4 Firmware 1.09
Asus Esc4000 G4x Firmware 1.11.6
Asus Rs700-e9-rs12 Firmware 1.11.5
Asus Rs100-e10-pi2 Firmware 1.13.6
Asus Rs300-e10-ps4 Firmware 1.13.6
Asus Rs300-e10-rs4 Firmware 1.13.6
Asus Rs500a-e9-ps4 Firmware 1.14.1
Asus Rs500a-e9-rs4 Firmware 1.14.1
Asus Rs500a-e9 Rs4 U Firmware 1.14.1
Asus E700 G4 Firmware 1.14.1
Asus Ws C422 Pro/se Firmware 1.14.1
Asus Ws X299 Pro/se Firmware 1.14.1
Asus Z11pa-u12 Firmware 1.15.1
Asus Z11pa-u12/10g-2s Firmware 1.15.1
Asus Knpa-u16 Firmware 1.13.4
Asus Esc4000 Dhd G4 Firmware 1.13.7
Asus Esc4000 G4 Firmware 1.15.2
Asus Rs720q-e9-rs24-s Firmware 1.15.0
Asus Rs720q-e9-rs8 Firmware 1.15.0
5
CVSSv2
CVE-2006-3835
Apache Tomcat 5 prior to 5.5.17 allows remote malicious users to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.
Apache Tomcat 5.5.12
Apache Tomcat 5.5.7
Apache Tomcat 5.5.9
Apache Tomcat 5.0.28
Apache Tomcat 5.5.16
1 EDB exploit
4.3
CVSSv2
CVE-2008-2938
Directory traversal vulnerability in Apache Tomcat 4.1.0 up to and including 4.1.37, 5.5.0 up to and including 5.5.26, and 6.0.0 up to and including 6.0.16, when allowLinking and UTF-8 are enabled, allows remote malicious users to read arbitrary files via encoded directory traver...
Apache Tomcat
2 EDB exploits
2 Metasploit modules
1 Github repository
7.2
CVSSv2
CVE-2019-12133
Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders. Moreover, the services associated with said products try to execute binaries such as sc.exe from the current di...
Zohocorp Manageengine Opmanager 12.3
Zohocorp Manageengine Desktop Central 10.0.380
Zohocorp Manageengine Eventlog Analyzer 12.0.2
Zohocorp Manageengine Servicedesk Plus 10.0.0
Zohocorp Manageengine Supportcenter Plus 8.1
Zohocorp Manageengine O365 Manager Plus 4.0
Zohocorp Manageengine Mobile Device Manager Plus 9.0.0
Zohocorp Manageengine Patch Connect Plus 9.0.0
Zohocorp Manageengine Vulnerability Manager Plus 9.0.0
Zohocorp Manageengine Patch Manager Plus 9.0.0
Zohocorp Manageengine Browser Security Plus -
Zohocorp Manageengine Netflow Analyzer 11.0
Zohocorp Manageengine Oputils 11.0
Zohocorp Manageengine Network Configuration Manager 11.0
Zohocorp Manageengine Firewall 12.0
Zohocorp Manageengine Key Manager Plus 5.6
Zohocorp Manageengine Password Manager Pro 9.9
Zohocorp Manageengine Analytics Plus 1.0
NA
CVE-2022-47966
Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsib...
Zohocorp Manageengine Access Manager Plus 4.3
Zohocorp Manageengine Access Manager Plus
Zohocorp Manageengine Ad360
Zohocorp Manageengine Ad360 4.3
Zohocorp Manageengine Adaudit Plus 7.0
Zohocorp Manageengine Adaudit Plus
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Adselfservice Plus 6.2
Zohocorp Manageengine Adselfservice Plus
Zohocorp Manageengine Analytics Plus
Zohocorp Manageengine Analytics Plus 5.1
Zohocorp Manageengine Assetexplorer 6.9
Zohocorp Manageengine Assetexplorer
Zohocorp Manageengine Key Manager Plus
Zohocorp Manageengine Key Manager Plus 6.4
Zohocorp Manageengine Pam360 5.7
Zohocorp Manageengine Pam360
Zohocorp Manageengine Password Manager Pro
Zohocorp Manageengine Password Manager Pro 12.1
Zohocorp Manageengine Servicedesk Plus
Zohocorp Manageengine Servicedesk Plus 14.0
2 Metasploit modules
6 Github repositories
2 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »