Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
404 not found vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-8380
Cross-site scripting (XSS) vulnerability in Splunk 6.1.1 allows remote malicious users to inject arbitrary web script or HTML via the HTTP Referer Header in a "404 Not Found" response. NOTE: this vulnerability might exist because of a CVE-2010-2429 regression.
Splunk Splunk 6.1.1
1 EDB exploit
NA
CVE-2014-9361
The LoginToboggan module 7.x-1.x prior to 7.x-1.4 for Drupal does not properly unset the authorized user role for certain users, which allows remote attackers with the pre-authorized role to gain privileges and possibly obtain sensitive information by accessing a Page Not Found (...
Logintoboggan Project Logintoboggan 7.x-1.2
Logintoboggan Project Logintoboggan 7.x-1.1
Logintoboggan Project Logintoboggan 7.x-1.0
Logintoboggan Project Logintoboggan 7.x-1.3
Logintoboggan Project Logintoboggan 7.x-1.x
NA
CVE-2006-4067
Cross-site scripting (XSS) vulnerability in cake/libs/error.php in CakePHP prior to 1.1.7.3363 allows remote malicious users to inject arbitrary web script or HTML via the URL, which is reflected back in a 404 ("Not Found") error page. NOTE: some of these details are ob...
Cakefoundation Cakephp 1.1.5.3148
Cakefoundation Cakephp
Cakefoundation Cakephp 1.0.1.2708
Cakefoundation Cakephp 1.1.3.2967
Cakefoundation Cakephp 1.1.4.3104
6.1
CVSSv3
CVE-2020-27219
In all version of Eclipse Hawkbit before 0.3.0M7, the HTTP 404 (Not Found) JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST request to a non existing resource will return the full path from the given URL unescaped...
Eclipse Hawkbit
Eclipse Hawkbit 0.3.0
6.1
CVSSv3
CVE-2023-33276
The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 responds with a "404 - Not Found" status code if a path is accessed that does not exist. However, the value of the path is reflected in the response. As the application will reflect the suppl...
Gira Knx Ip Router Firmware 3.1.3683.0
Gira Knx Ip Router Firmware 3.3.8.0
6.1
CVSSv3
CVE-2021-37573
A reflected cross-site scripting (XSS) vulnerability in the web server TTiny Java Web Server and Servlet Container (TJWS) <=1.115 allows an adversary to inject malicious code on the server's "404 Page not Found" error page
Tiny Java Web Server Project Tiny Java Web Server
7.5
CVSSv3
CVE-2021-28091
Lasso all versions before 2.7.0 has improper verification of a cryptographic signature.
Entrouvert Lasso
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
1 Github repository
5.4
CVSSv3
CVE-2022-39348
Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response a...
Twistedmatrix Twisted
Debian Debian Linux 10.0
5.3
CVSSv3
CVE-2019-13927
A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with De...
Siemens Pxc00-e.d Firmware
Siemens Pxc50-e.d Firmware
Siemens Pxc100-e.d Firmware
Siemens Pxc200-e.d Firmware
Siemens Pxa40-w0 Firmware
Siemens Pxa40-w1 Firmware
Siemens Pxa40-w2 Firmware
Siemens Pxc00-u Firmware
Siemens Pxc64-u Firmware
Siemens Pxc128-u Firmware
Siemens Pxa30-w0 Firmware
Siemens Pxa30-w1 Firmware
Siemens Pxa30-w2 Firmware
Siemens Pxc22.1-e.d Firmware
Siemens Pxc36-e.d Firmware
Siemens Pxc36.1-e.d Firmware
6.1
CVSSv3
CVE-2018-10547
An issue exists in ext/phar/phar_object.c in PHP prior to 5.6.36, 7.0.x prior to 7.0.30, 7.1.x prior to 7.1.17, and 7.2.x prior to 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists bec...
Php Php
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Storage Automation Store -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »