Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
acme vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2014-4927
Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote malicious users to cause a denial of service (crash) via a long string in the URI in a GET request.
Netgear Wgr614 V1
Netgear Wgr614 V9
Netgear Wgr614 V3
Netgear Wgr614 V8
Netgear Wgr614 V2
Acme Micro Httpd -
Netgear Wgr614 V4
Netgear Wgr614 V7
Netgear Wgr614 V6
Netgear Mr-adsl-dg834 -
Netgear Wgr614 V5
Dlink Dsl2750u -
Dlink Dsl2740u -
1 EDB exploit
2.1
CVSSv2
CVE-2013-0348
thttpd.c in sthttpd prior to 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.
Open Source Development Team Sthttpd 2.26.3
Open Source Development Team Sthttpd 2.26
Open Source Development Team Sthttpd 2.26.1
Open Source Development Team Sthttpd 2.26.2
Open Source Development Team Sthttpd
Fedoraproject Fedora 17
Fedoraproject Fedora 18
Opensuse Opensuse 12.3
Opensuse Opensuse 12.2
Gentoo Linux
Opensuse Opensuse 13.1
Acme Thttpd 2.25
7.5
CVSSv2
CVE-2008-2893
SQL injection vulnerability in news.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote malicious users to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-2532.
Ajhyip Aj Square Aj-hyip
1 EDB exploit
7.5
CVSSv2
CVE-2008-2532
SQL injection vulnerability in forum/topic_detail.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Aj Square Aj Hyip
1 EDB exploit
4.3
CVSSv2
CVE-2019-12347
In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acme_accountkeys_edit.php action. The vulnerability occurs due to input validation errors.
Netgate Pfsense 2.4.4
1 EDB exploit
4.3
CVSSv2
CVE-2004-2102
Cross-site scripting (XSS) vulnerability in FREESCO 2.05, a modified version of thttpd, allows remote malicious users to inject arbitrary web script or HTML via the test parameter.
1 EDB exploit
NA
CVE-2022-25377
The ACME-challenge endpoint in Appwrite 0.5.0 up to and including 0.12.x prior to 0.12.2 allows remote malicious users to read arbitrary local files via ../ directory traversal. In order to be vulnerable, APP_STORAGE_CERTIFICATES/.well-known/acme-challenge must exist on disk. (Th...
NA
CVE-2022-34831
An issue exists in Keyfactor PrimeKey EJBCA prior to 7.9.0, related to possible inconsistencies in DNS identifiers submitted in an ACME order and the corresponding CSR submitted during finalization. During the ACME enrollment process, an order is submitted containing an identifie...
Primekey Ejbca
5
CVSSv2
CVE-2020-11628
An issue exists in EJBCA prior to 6.15.2.6 and 7.x prior to 7.3.1.2. It is intended to support restriction of available remote protocols (CMP, ACME, REST, etc.) through the system configuration. These restrictions can be bypassed by modifying the URI string from a client. (EJBCA&...
Primekey Ejbca
7.5
CVSSv2
CVE-2009-4611
Mort Bay Jetty 6.x up to and including 6.1.22 and 7.0.0 writes backtrace data without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request cont...
Mortbay Jetty 6.1.15
Mortbay Jetty 6.1.12
Mortbay Jetty 6.1.7
Mortbay Jetty 6.1.6
Mortbay Jetty 6.1.4
Mortbay Jetty 6.1.2
Mortbay Jetty 6.1.0
Mortbay Jetty 6.0.0
Mortbay Jetty 6.1.16
Mortbay Jetty 6.1.11
Mortbay Jetty 6.1.8
Mortbay Jetty 6.1.20
Mortbay Jetty 6.1.1
Mortbay Jetty 6.0.1
Mortbay Jetty 6.1.3
Mortbay Jetty 6.1.19
Mortbay Jetty 6.1.14
Mortbay Jetty 6.1.9
Mortbay Jetty 6.1.10
Mortbay Jetty 6.1.5
Mortbay Jetty 6.0.2
Mortbay Jetty 7.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4