Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hex vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-1994
Finjan SurfinGate 7.0SP2 and SP3 allows remote malicious users to download blocked files via hex-encoded characters in a filename, as demonstrated using "%2e".
Finjan Software Surfingate 7.0 Sp2
Finjan Software Surfingate 7.0 Sp3
5
CVSSv2
CVE-2002-1021
BadBlue server allows remote malicious users to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte.
Working Resources Inc. Badblue 1.7.3 Enterprise
Working Resources Inc. Badblue 1.7.3 Personal
1 EDB exploit
NA
CVE-2023-36123
Directory Traversal vulnerability in Hex-Dragon Plain Craft Launcher 2 version Alpha 1.3.9, allows local malicious users to execute arbitrary code and gain sensitive information.
Plain Craft Launcher 2 Project Plain Craft Launcher 2 1.3.9
1 Github repository
5
CVSSv2
CVE-2004-1568
Directory traversal vulnerability in ParaChat Server 5.5 allows remote malicious users to read arbitrary files via a ..%5C (hex-encoded dot dot) in the URL.
Parachat Parachat Server 5.5
7.5
CVSSv2
CVE-2001-0902
Microsoft IIS 5.0 allows remote malicious users to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters.
Microsoft Internet Information Services 5.0
7.5
CVSSv2
CVE-1999-1547
Oracle Web Listener 2.1 allows remote malicious users to bypass access restrictions by replacing a character in the URL with its HTTP-encoded (hex) equivalent.
Oracle Web Listener 2.1
5
CVSSv2
CVE-2005-1656
Mercur Messaging 2005 SP2 allows remote malicious users to read the source code of .ctml files via a URL with a trailing hex-encoded space ("%20").
Mercur Mercur Messaging 2005 Sp2
7.5
CVSSv2
CVE-2006-1714
CRLF injection vulnerability in index.php in Christoph Roeder phpMyForum 4.0 allows remote malicious users to inject HTTP headers via hex-encoded CRLF sequences in the type parameter.
Phpmyforum Phpmyforum 4.0
1 EDB exploit
4.3
CVSSv2
CVE-2005-4255
Cross-site scripting (XSS) vulnerability in TextSearch in WikkaWiki 1.1.6.0 allows remote malicious users to inject arbitrary web script or HTML via a hex-encoded phrase parameter.
Wikkawiki Wikkawiki
1 EDB exploit
4.3
CVSSv2
CVE-2005-2698
Cross-site scripting (XSS) vulnerability in browse.php in Nephp Publisher Enterprise 3.04 allows remote malicious users to inject arbitrary web script or HTML via a hex-encoded keywords parameter.
Nelogic Technologies Nephp Publisher Enterprise 3.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »