Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
slashes vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-2071
Macallan Mail Solution 2.8.4.6 (Build 260), and possibly earlier versions, allows remote malicious users to bypass authentication in the web interface via an HTTP GET request with two slashes ("//") after the server name.
Macallan Mail Solution 2.8.4.6 Build 260
1 EDB exploit
7.5
CVSSv3
CVE-2018-16482
A server directory traversal vulnerability was found on node module mcstatic <=0.0.20 that would allow an attack to access sensitive information in the file system by appending slashes in the URL path.
Mcstatic Project Mcstatic
6.5
CVSSv3
CVE-2018-16485
Path Traversal vulnerability in module m-server <1.4.1 allows malicious user to access unauthorized content of any file in the directory tree e.g. /etc/passwd by appending slashes to the URL request.
M-server Project M-server
7.5
CVSSv3
CVE-2015-3297
Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.1 up to and including 1.5.2 allows remote malicious users to read arbitrary files by leveraging replacement of backslashes with slashes in the path parameter of HTTP API requests.
Etherpad Etherpad 1.1.2
Etherpad Etherpad 1.2.1
Etherpad Etherpad 1.2.3
Etherpad Etherpad 1.2.9
Etherpad Etherpad 1.2.10
Etherpad Etherpad 1.5.1
Etherpad Etherpad 1.2.5
Etherpad Etherpad 1.2.6
Etherpad Etherpad 1.2.7
Etherpad Etherpad 1.2.8
Etherpad Etherpad 1.1.3
Etherpad Etherpad 1.1.4
Etherpad Etherpad 1.1.5
Etherpad Etherpad 1.2.0
Etherpad Etherpad 1.2.11
Etherpad Etherpad 1.2.12
Etherpad Etherpad 1.3.0
Etherpad Etherpad 1.4.0
Etherpad Etherpad 1.4.1
Etherpad Etherpad 1.1.1
Etherpad Etherpad 1.2.2
Etherpad Etherpad 1.2.4
NA
CVE-2004-0235
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
Clearswift Mailsweeper 4.3.13
Clearswift Mailsweeper 4.3.3
Clearswift Mailsweeper 4.3.4
F-secure F-secure Anti-virus 2004
F-secure F-secure Anti-virus 4.51
F-secure F-secure Anti-virus 5.41
F-secure F-secure For Firewalls 6.20
F-secure F-secure Internet Security 2003
Rarlab Winrar 3.20
Redhat Lha 1.14i-9
Winzip Winzip 9.0
Clearswift Mailsweeper 4.0
Clearswift Mailsweeper 4.1
Clearswift Mailsweeper 4.3.5
Clearswift Mailsweeper 4.3.6
F-secure F-secure Anti-virus 5.42
F-secure F-secure Internet Security 2004
F-secure F-secure Personal Express 4.5
Sgi Propack 2.4
Sgi Propack 3.0
Clearswift Mailsweeper 4.2
Clearswift Mailsweeper 4.3
NA
CVE-2004-1973
DiGi Web Server allows remote malicious users to cause a denial of service (CPU consumption) via an HTTP GET request that contains a large number of / (slash) characters, which consumes resources when DiGi converts the slashes to \ (backslash) characters.
Digi Www Server Compieuw
1 EDB exploit
5.3
CVSSv3
CVE-2015-2060
cabextract prior to 1.6 does not properly check for leading slashes when extracting files, which allows remote malicious users to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash.
Cabextract Project Cabextract
NA
CVE-2007-3244
SQL injection vulnerability in bb-includes/formatting-functions.php in bbPress prior to 0.8.1 might allow remote malicious users to execute arbitrary SQL commands via unspecified vectors to forums/bb-edit.php, as demonstrated by a PRE element, aka the "quircky slashes bug.&q...
Bbpress Bbpress 0.8
NA
CVE-2004-0677
Fastream NETFile FTP Server 6.7.2.1085 and previous versions allows remote malicious users to cause a denial of service (temporary hang) via the cd command with an unusual argument, possibly due to multiple leading slashes and/or an access to the floppy drive ("A").
Fastream Netfile Ftp Web Server
NA
CVE-2007-0187
F5 FirePass 5.4 up to and including 5.5.2 and 6.0 allows remote malicious users to access restricted URLs via (1) a trailing null byte, (2) multiple leading slashes, (3) Unicode encoding, (4) URL-encoded directory traversal or same-directory characters, or (5) upper case letters ...
F5 Firepass 5.4
F5 Firepass 5.4.7
F5 Firepass 5.4.8
F5 Firepass 5.4.9
F5 Firepass 5.4.1
F5 Firepass 5.4.2
F5 Firepass 5.5
F5 Firepass 5.5.1
F5 Firepass 5.4.5
F5 Firepass 5.4.6
F5 Firepass 5.4.3
F5 Firepass 5.4.4
F5 Firepass 5.5.2
F5 Firepass 6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »