Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-1911
JasperServer in JasperReports Server Community Project 3.7.0 and 3.7.1 uses a predictable _flowExecutionKey parameter, which makes it easier for remote malicious users to conduct cross-site request forgery (CSRF) attacks via a brute-force approach.
Jasperforge Jasperreports Server Community Project 3.7.0
Jasperforge Jasperreports Server Community Project 3.7.1
7.2
CVSSv3
CVE-2020-26938
In oauth2-server (aka node-oauth2-server) up to and including 3.1.1, the value of the redirect_uri parameter received during the authorization and token request is checked against an incorrect URI pattern ("[a-zA-Z][a-zA-Z0-9+.-]+:") before making a redirection. This al...
Oauth2-server Project Oauth2-server
7.5
CVSSv3
CVE-2018-25087
A vulnerability classified as problematic was found in Arborator Server. This vulnerability affects the function start of the file project.cgi. The manipulation of the argument project leads to denial of service. Continious delivery with rolling releases is used by this product. ...
Arborator Server Project Arborator Server
6.1
CVSSv3
CVE-2022-29589
Crypt Server prior to 3.3.0 allows XSS in the index view. This is related to serial, computername, and username.
Crypt-server Project Crypt-server
7.5
CVSSv3
CVE-2019-7648
controller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on base64 in an attempt to protect password storage.
Hotels Server Project Hotels Server
7.5
CVSSv3
CVE-2017-16038
`f2e-server` 1.12.11 and previous versions is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. This is compounded by `f2e-server` requiring elevated privileges to run.
F2e-server Project F2e-server
7.5
CVSSv3
CVE-2017-16090
fsk-server is a simple http server. fsk-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Fsk-server Project Fsk-server
7.5
CVSSv3
CVE-2022-40016
Use After Free (UAF) vulnerability in ireader media-server before commit 3e0f63f1d3553f75c7d4eb32fa7c7a1976a9ff84 in librtmp, allows malicious users to cause a denial of service.
Media-server Project Media-server
9.8
CVSSv3
CVE-2019-8393
Hotels_Server through 2018-11-05 has SQL Injection via the API because the controller/api/login.php telephone parameter is mishandled.
Hotels Server Project Hotels Server
9.8
CVSSv3
CVE-2022-31013
Chat Server is the chat server for Vartalap, an open-source messaging application. Versions 2.3.2 until 2.6.0 suffer from a bug in validating the access token, resulting in authentication bypass. The function `this.authProvider.verifyAccessKey` is an async function, as the code i...
Chat Server Project Chat Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »