Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2000-0169
Batch files in the Oracle web listener ows-bin directory allow remote malicious users to execute commands via a malformed URL that includes '?&'.
Oracle Application Server 4.0
1 EDB exploit
5
CVSSv2
CVE-2006-6277
Directory traversal vulnerability in admin/FileServer.php in ContentServ 4.x allows remote malicious users to read arbitrary files via a .. (dot dot) in the src parameter, a different vector than CVE-2005-3086.
Contentserv Contentserv 4.0
Contentserv Contentserv 4.1
1 EDB exploit
7.5
CVSSv2
CVE-1999-0455
The Expression Evaluator sample application in ColdFusion allows remote malicious users to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly.
Allaire Coldfusion Server 4.0
1 EDB exploit
5
CVSSv2
CVE-2002-0786
iCon administrative web server for Critical Path inJoin Directory Server 4.0 allows authenticated inJoin administrators to read arbitrary files by specifying the target file in the LOG parameter.
Critical Path Injoin Directory Server 4.0
1 EDB exploit
7.5
CVSSv2
CVE-2006-4443
PHP remote file inclusion vulnerability in myajaxphp.php in AlstraSoft Video Share Enterprise allows remote malicious users to execute arbitrary PHP code via a URL in the config[BASE_DIR] parameter.
Alstrasoft Video Share Enterprise 4.0
1 EDB exploit
5
CVSSv2
CVE-2006-5714
Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS file system, allows remote malicious users to read arbitrary files under the web root by appending "::$DATA" to the end of a HTTP GET request, which accesses the alternate data stream.
Efs Software Efs Web Server 4.0
1 EDB exploit
7.5
CVSSv2
CVE-2005-0313
Multiple directory traversal vulnerabilities in Magic Winmail Server 4.0 Build 1112 allow remote malicious users to (1) upload arbitrary files via certain parameters to upload.php or (2) read arbitrary files via certain parameters to download.php, and remote authenticated users t...
Amax Information Technologies Magic Winmail Server 4.0
2 EDB exploits
6.8
CVSSv2
CVE-2007-1906
Directory traversal vulnerability in richedit/keyboard.php in eCardMAX HotEditor (Hot Editor) 4.0, and the HotEditor plugin for MyBB, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the first parameter.
Ecardmax.com Hot Editor 4.0
Mybb Mybb Hot Editor Plugin
1 EDB exploit
5
CVSSv2
CVE-2001-1243
Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote malicious users to cause a denial of service (crash) via (1) creating an ASP program that uses Scripting.FileSystemObject to open a file with an MS-DOS device name, or (2) remotely injectin...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
2 EDB exploits
7.5
CVSSv2
CVE-2000-0886
IIS 5.0 allows remote malicious users to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »