Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project server vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2017-16090
fsk-server is a simple http server. fsk-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Fsk-server Project Fsk-server
NA
CVE-2020-26938
In oauth2-server (aka node-oauth2-server) up to and including 3.1.1, the value of the redirect_uri parameter received during the authorization and token request is checked against an incorrect URI pattern ("[a-zA-Z][a-zA-Z0-9+.-]+:") before making a redirection. This al...
Oauth2-server Project Oauth2-server
445
VMScore
CVE-2019-7648
controller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on base64 in an attempt to protect password storage.
Hotels Server Project Hotels Server
383
VMScore
CVE-2018-3771
An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.
Statics-server Project Statics-server
NA
CVE-2015-10086
A vulnerability, which was classified as critical, was found in OpenCycleCompass server-php. Affected is an unknown function of the file api1/login.php. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. This product is usi...
Server-php Project Server-php
445
VMScore
CVE-2014-10066
Versions less than 0.1.4 of the static file server module fancy-server are vulnerable to directory traversal. An attacker can provide input such as `../` to read files outside of the served directory.
Fancy-server Project Fancy-server
NA
CVE-2018-25087
A vulnerability classified as problematic was found in Arborator Server. This vulnerability affects the function start of the file project.cgi. The manipulation of the argument project leads to denial of service. Continious delivery with rolling releases is used by this product. ...
Arborator Server Project Arborator Server
605
VMScore
CVE-2020-15135
save-server (npm package) before version 1.05 is affected by a CSRF vulnerability, as there is no CSRF mitigation (Tokens etc.). The fix introduced in version version 1.05 unintentionally breaks uploading so version v1.0.7 is the fixed version. This is patched by implementing Dou...
Save-server Project Save-server
668
VMScore
CVE-2019-6497
Hotels_Server through 2018-11-05 has SQL Injection via the controller/fetchpwd.php username parameter.
Hotels Server Project Hotels Server
312
VMScore
CVE-2018-16484
A XSS vulnerability was found in module m-server <1.4.2 that allows malicious Javascript code or HTML to be executed, due to the lack of escaping for special characters in folder names.
M-server Project M-server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »