Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-10005
A vulnerability, which was classified as critical, was found in EasyFTP 1.7.0.2. Affected is an unknown function of the component MKD Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the pu...
Easyftp Server Project Easyftp Server 1.7.0.2
383
VMScore
CVE-2020-18102
Cross Site Scripting (XSS) in Hotels_Server v1.0 allows remote malicious users to execute arbitrary code by injecting crafted commands the data fields in the component "/controller/publishHotel.php".
Hotels Server Project Hotels Server 1.0
580
VMScore
CVE-2021-28476
Windows Hyper-V Remote Code Execution Vulnerability
Microsoft Windows 10 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows 10 1607
Microsoft Windows 7 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2008 -
Microsoft Windows 8.1 -
Microsoft Windows 10 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows Server 2016 1909
Microsoft Windows 10 1909
Microsoft Windows Server 2016 2004
Microsoft Windows 10 2004
Microsoft Windows Server 2016 20h2
Microsoft Windows 10 20h2
5 Github repositories
1 Article
NA
CVE-2024-25715
Glewlwyd SSO server 2.x up to and including 2.7.6 allows open redirection via redirect_uri.
Glewlwyd Sso Server Project Glewlwyd Sso Server
NA
CVE-2023-49208
scheme/webauthn.c in Glewlwyd SSO server prior to 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration.
Glewlwyd Sso Server Project Glewlwyd Sso Server
570
VMScore
CVE-2022-31527
The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Flask-file-server Project Flask-file-server
NA
CVE-2022-25895
All versions of package lite-dev-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code.
Lite-dev-server Project Lite-dev-server -
NA
CVE-2022-25931
All versions of package easy-static-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code.
Easy-static-server Project Easy-static-server
NA
CVE-2023-26104
All versions of the package lite-web-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.
Lite-web-server Project Lite-web-server -
NA
CVE-2023-4495
Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST method), in the Resume parameter. The XSS is loaded from /register.ghp.
Easy Chat Server Project Easy Chat Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »