Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an-http vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-27569
The eo_tags package prior to 1.3.0 for PrestaShop allows SQL injection via an HTTP User-Agent or Referer header.
Prestashop Eo Tags
7.5
CVSSv2
CVE-2003-0317
iisPROTECT 2.1 and 2.2 allows remote malicious users to bypass authentication via an HTTP request containing URL-encoded characters.
Iisprotect Iisprotect 2.1
Iisprotect Iisprotect 2.2
1 EDB exploit
5
CVSSv2
CVE-2020-28851
In x/text in Go 1.15.4, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
Golang Go 1.15.4
6.8
CVSSv2
CVE-2009-2064
Microsoft Internet Explorer 8, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle malicious users to execute arbitrary web script, in an https site's context, by modifying an http page...
Microsoft Internet Explorer 6
Microsoft Pocket Ie 1.1
Microsoft Pocket Ie 2.0
Microsoft Internet Explorer 8
Microsoft Internet Explorer 8.0b
Microsoft Pocket Ie 3.0
Microsoft Pocket Ie 4.0
Microsoft Internet Explorer 5
Microsoft Internet Explorer 5.01
Microsoft Pocket Ie 1.0
Microsoft Internet Explorer
Microsoft Internet Explorer 7
Microsoft Internet Explorer 7.0.5730
Microsoft Pocket Ie 2002
Microsoft Pocket Ie 2003
NA
CVE-2022-4130
A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.
Redhat Satellite 6.11
Redhat Satellite 6.9
Redhat Satellite 6.10
5
CVSSv2
CVE-2001-0391
Xitami 2.5d4 and previous versions allows remote malicious users to crash the server via an HTTP request to the /aux directory.
Imatix Xitami 2.4d7
Imatix Xitami 2.5d4
10
CVSSv2
CVE-2005-2420
flsearch.pl in FtpLocate 2.02 allows remote malicious users to execute arbitrary commands via shell metacharacters in an HTTP GET request.
1 EDB exploit
NA
CVE-2022-45027
perfSONAR prior to 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address.
Perfsonar Perfsonar
5
CVSSv2
CVE-2004-2385
EMU Webmail 5.2.7 allows remote malicious users to obtain sensitive path information (home directory) via an HTTP request for init.emu.
Emumail Emu Webmail 5.2.7
1 EDB exploit
5
CVSSv2
CVE-2004-1590
Clientexec allows remote malicious users to gain sensitive information via an HTTP request to phpinfo.php, which calls the phpinfo function.
Clientexec Clientexec 2.2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »