Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zeroscience.mk vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2017-9644
An Unquoted Search Path or Element issue exists in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, Site...
Automatedlogic Sitescan Web
Carrier Automatedlogic Webctrl
Automatedlogic I-vu
1 EDB exploit
6.3
CVSSv3
CVE-2017-9640
A Path Traversal issue exists in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web before 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prio...
Automatedlogic I-vu
Automatedlogic Sitescan Web
Carrier Automatedlogic Webctrl
1 EDB exploit
7.8
CVSSv3
CVE-2017-9650
An Unrestricted Upload of File with Dangerous Type issue exists in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC Web...
Automatedlogic Sitescan Web
Automatedlogic I-vu
Carrier Automatedlogic Webctrl
1 EDB exploit
NA
CVE-2017-964030
Automated Logic WebCTRL version 6.1 suffers from path traversal and arbitrary file write vulnerabilities.
NA
CVE-2017-964430
Automated Logic WebCTRL version 6.5 suffers from an insecure file permission privilege escalation vulnerability.
7.5
CVSSv3
CVE-2015-2080
The exception handling code in Eclipse Jetty prior to 9.2.9.v20150224 allows remote malicious users to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.
Fedoraproject Fedora 22
Eclipse Jetty 9.3.0
Eclipse Jetty 9.2.3
Eclipse Jetty 9.2.8
Eclipse Jetty 9.2.5
Eclipse Jetty 9.2.4
Eclipse Jetty 9.2.7
Eclipse Jetty 9.2.6
1 EDB exploit
NA
CVE-2015-5285
CRLF injection vulnerability in Kallithea prior to 0.3 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the came_from parameter to _admin/login.
Kallithea-scm Kallithea
1 EDB exploit
NA
CVE-2015-771405
Realtyna RPL suffers from multiple SQL Injection vulnerabilities. Input passed via multiple POST parameters is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
NA
CVE-2015-771505
The Realtyna RPL application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. M...
NA
CVE-2015-528521
Kallithea suffers from a HTTP header injection (response splitting) vulnerability because it fails to properly sanitize user input before using it as an HTTP header value via the GET 'came_from' parameter in the login instance. This type of attack not only allows a mali...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »