Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
proxy vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4837
SQL injection vulnerability in anket.asp in Proxy Anket 3.0.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Proxy Anket Proxy Anket 3.0.1
6.1
CVSSv3
CVE-2021-21291
OAuth2 Proxy is an open-source reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain or group. In OAuth2 Proxy before version 7.0.0, for users that use the whitelist domain feature, a d...
Oauth2 Proxy Project Oauth2 Proxy
5.5
CVSSv3
CVE-2021-21411
OAuth2-Proxy is an open source reverse proxy that provides authentication with Google, Github or other providers. The `--gitlab-group` flag for group-based authorization in the GitLab provider stopped working in the v7.0.0 release. Regardless of the flag settings, authorization w...
Oauth2 Proxy Project Oauth2 Proxy
6.1
CVSSv3
CVE-2017-1000070
The Bitly oauth2_proxy in version 2.1 and previous versions was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819
Oauth2 Proxy Project Oauth2 Proxy
NA
CVE-2004-1035
Multiple integer signedness errors in (1) imapcommon.c, (2) main.c, (3) request.c, and (4) select.c for up-imapproxy IMAP proxy 1.2.2 allow remote malicious users to cause a denial of service (server crash) and possibly leak sensitive information via certain literal values that a...
Imap Proxy Imap Proxy 1.2.2
6.1
CVSSv3
CVE-2020-5233
OAuth2 Proxy prior to 5.0 has an open redirect vulnerability. Authentication tokens could be silently harvested by an attacker. This has been patched in version 5.0.
Oauth2 Proxy Project Oauth2 Proxy
7.5
CVSSv3
CVE-2017-16014
Http-proxy is a proxying library. Because of the way errors are handled in versions prior to 0.7.0, an attacker that forces an error can crash the server, causing a denial of service.
Http-proxy Project Http-proxy
5.4
CVSSv3
CVE-2020-4037
In OAuth2 Proxy from version 5.1.1 and less than version 6.0.0, users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This is expected to be the original URL that the user was trying to access. This redirect UR...
Oauth2 Proxy Project Oauth2 Proxy
7.5
CVSSv3
CVE-2018-19458
In PHP Proxy 3.0.3, any user can read files from the server without authentication due to an index.php?q=file:/// LFI URI, a different vulnerability than CVE-2018-19246.
Php-proxy Php-proxy 3.0.3
1 EDB exploit
7.5
CVSSv3
CVE-2018-19784
The str_rot_pass function in vendor/atholn1600/php-proxy/src/helpers.php in PHP-Proxy 5.1.0 uses weak cryptography, which makes it easier for malicious users to calculate the authorization data needed for local file inclusion.
Php-proxy Php-proxy 5.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »