Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an-http vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-31920
Istio prior to 1.8.6 and 1.9.x prior to 1.9.5 has a remotely exploitable vulnerability where an HTTP request path with multiple slashes or escaped slash characters (%2F or %5C) could potentially bypass an Istio authorization policy when path based authorization rules are used.
Istio Istio
NA
CVE-2001-0871
Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote malicious users to execute arbitrary commands via an HTTP request containing (1) a .. in versions 2.0 up to and including 2.6.18, or (2) a DOS device name followed by a .. i...
Alchemy Lab Alchemy Eye 2.6.19
Alchemy Lab Alchemy Eye 2.1
Alchemy Lab Alchemy Eye 2.6.18
Alchemy Lab Alchemy Eye 2.5
Alchemy Lab Alchemy Eye 3.0.10
Alchemy Lab Alchemy Eye 2.2
Alchemy Lab Alchemy Eye 2.3
Alchemy Lab Alchemy Eye 2.0
Alchemy Lab Alchemy Eye 2.6
Alchemy Lab Alchemy Eye 2.4
Alchemy Lab Alchemy Eye 3.0
Dek Software Alchemy Network Monitor
NA
CVE-2005-0502
Directory traversal vulnerability in Xinkaa 1.0.3 and previous versions allows remote malicious users to read arbitrary files via (1) ../ and (2) ..\ characters in an HTTP request.
Xinkaa Web Station Xinkaa Web Station 1.0.3
NA
CVE-2003-0471
Buffer overflow in WebAdmin.exe for WebAdmin allows remote malicious users to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument.
Alt-n Webadmin
4 EDB exploits
NA
CVE-2003-0313
Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote malicious users to list arbitrary directory contents via a ... (triple dot) in an HTTP request.
Snowblind.net Snowblind Web Server 1.0
NA
CVE-2001-0189
Directory traversal vulnerability in LocalWEB2000 HTTP server allows remote malicious users to read arbitrary commands via a .. (dot dot) attack in an HTTP GET request.
Intranet-server Localweb2000 1.1
1 EDB exploit
NA
CVE-2004-2221
Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows remote malicious users to execute arbitrary code via a long parameter in an HTTP GET request.
Mercantec Softcart 4.00b
2 EDB exploits
NA
CVE-2004-1609
SalesLogix 6.1 includes usernames, passwords, and other sensitive information in the headers of an HTTP response, which could allow remote malicious users to gain access.
Saleslogix Corporation Saleslogix 2000.0
Best Software Saleslogix
NA
CVE-2002-2240
Directory traversal vulnerability in MyServer 0.11 and 0.2 allows remote malicious users to read arbitrary files via a ".." (dot dot) in an HTTP GET request.
Myserver Myserver 0.11
Myserver Myserver 0.2
NA
CVE-2001-0902
Microsoft IIS 5.0 allows remote malicious users to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters.
Microsoft Internet Information Services 5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »