Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.2 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2001-1581
The File Blocker feature in Clearswift MAILsweeper for SMTP 4.2 allows remote malicious users to bypass e-mail attachment filtering policies via a modified name in a Content-Type header.
Clearswift Limited Mailsweeper 4.2
668
VMScore
CVE-2019-0259
SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an malicious user to upload any file (including script files) without proper file format validation.
Sap Businessobjects 4.2
Sap Businessobjects 4.3
NA
CVE-2023-1328
A vulnerability was found in Guizhou 115cms 4.2. It has been classified as problematic. Affected is an unknown function of the file /admin/content/index. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to...
115cms 115cms 4.2
1000
VMScore
CVE-2013-6955
webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 prior to 4.0-2259, 4.2 prior to 4.2-3243, and 4.3 prior to 4.3-3810 Update 1 allows remote malicious users to append data to arbitrary files, and consequently execute arbitrary code, via a pathname in the SLICEUPL...
Synology Diskstation Manager 4.3-3810
Synology Diskstation Manager 4.2
Synology Diskstation Manager 4.0
Synology Diskstation Manager 4.3
1 EDB exploit
465
VMScore
CVE-2002-1513
The UCX POP server in HP TCP/IP services for OpenVMS 4.2 up to and including 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions because the server runs with the SYSPRV and BYPASS privileges.
Compaq Tcp-ip Services 5.0a
Compaq Tcp-ip Services 5.3
Compaq Tcp-ip Services 4.2
Compaq Tcp-ip Services 5.1
1 EDB exploit
668
VMScore
CVE-2002-0134
Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote malicious users to list file contents of the proxy and execute arbitrary commands via a "dos" command.
Avirt Avirt Gateway Suite 4.2
605
VMScore
CVE-2007-0123
Unrestricted file upload vulnerability in Uber Uploader 4.2 allows remote malicious users to upload and execute arbitrary PHP scripts by naming them with a .phtml extension, which bypasses the .php extension check but is still executable on some server configurations.
Uber Uploader Uber Uploader 4.2
1000
VMScore
CVE-1999-1405
snap command in AIX prior to 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd be...
Ibm Aix 4.2.1
Ibm Aix 3.2.5
Ibm Aix 4.1.4
Ibm Aix 4.2
Ibm Aix 4.1.5
Ibm Aix 4.1.2
Ibm Aix 4.1
Ibm Aix 4.1.3
1 EDB exploit
445
VMScore
CVE-2006-6229
Codewalkers ltwCalendar (aka PHP Event Calendar) prior to 4.2.1 logs failed passwords, which might allow malicious users to infer correct passwords from the log file.
Codewalkers Ltwcalendar 4.2
Codewalkers Ltwcalendar 4.1.3
755
VMScore
CVE-2015-5074
Incomplete blacklist vulnerability in the FileUploadsFilter class in protected/components/filters/FileUploadsFilter.php in X2Engine X2CRM prior to 5.0.9 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a .pht extension.
X2engine X2crm
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »