Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
proxy vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-41739
A OS Command Injection vulnerability exists in Artica Proxy 4.30.000000. Attackers can execute OS commands in cyrus.events.php with GET param logs and POST param rp.
Artica-proxy Artica Proxy 4.30.000000
6.4
CVSSv2
CVE-2004-1035
Multiple integer signedness errors in (1) imapcommon.c, (2) main.c, (3) request.c, and (4) select.c for up-imapproxy IMAP proxy 1.2.2 allow remote malicious users to cause a denial of service (server crash) and possibly leak sensitive information via certain literal values that a...
Imap Proxy Imap Proxy 1.2.2
7.5
CVSSv2
CVE-2007-4837
SQL injection vulnerability in anket.asp in Proxy Anket 3.0.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Proxy Anket Proxy Anket 3.0.1
6
CVSSv2
CVE-2008-0633
Buffer overflow in Anon Proxy Server 0.102 and previous versions, when user authentication is enabled, allows remote malicious users to cause a denial of service (exception) via a user name with a large number of quotes, which triggers the overflow during escaping.
Anon Proxy Server Anon Proxy Server
1 EDB exploit
6.8
CVSSv2
CVE-2017-1000069
CSRF in Bitly oauth2_proxy 2.1 during authentication flow
Oauth2 Proxy Project Oauth2 Proxy 2.1
10
CVSSv2
CVE-2008-4541
Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 up to and including 4.0.7 allows remote malicious users to execute arbitrary code via a crafted HTTP GET request.
Sun Java System Web Proxy Server 4.0
Sun Java System Web Proxy Server 4.0.1
Sun Java System Web Proxy Server 4.0.3
Sun Java System Web Proxy Server 4.0.4
Sun Java System Web Proxy Server 4.0.6
Sun Java System Web Proxy Server 4.0.5
Sun Java System Web Proxy Server 4.0.7
Sun Java System Web Proxy Server 4.0.2
7.5
CVSSv2
CVE-2021-21322
fastify-http-proxy is an npm package which is a fastify plugin for proxying your http requests to another server, with hooks. By crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is `/pub/`, a user e...
Fastify-http-proxy Project Fastify-http-proxy
4.3
CVSSv2
CVE-2007-6460
Multiple cross-site scripting (XSS) vulnerabilities in Anon Proxy Server prior to 0.101 allow remote malicious users to inject arbitrary web script or HTML via the URI, which is later displayed by (1) log.php or (2) logerror.php, a different vulnerability than CVE-2007-6459.
Anon Proxy Server Anon Proxy Server 0.101
6.4
CVSSv2
CVE-2018-3739
https-proxy-agent prior to 2.1.1 passes auth option to the Buffer constructor without proper sanitization, resulting in DoS and uninitialized memory leak in setups where an attacker could submit typed input to the 'auth' parameter (e.g. JSON).
Https-proxy-agent Project Https-proxy-agent
5
CVSSv2
CVE-2017-16037
`gomeplus-h5-proxy` is vulnerable to a directory traversal issue, allowing malicious users to access any file in the system by placing '../' in the URL.
Gomeplus-h5-proxy Project Gomeplus-h5-proxy
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »