Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hex vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2004-1517
Zone Labs IMsecure and IMsecure Pro prior to 1.5 allow remote malicious users to bypass Active Link Filtering via an instant message containing a URL with hex encoded file extensions.
Zonelabs Imsecure 1.0.0.0
Zonelabs Imsecure 1.0.1.0
Zonelabs Imsecure 1.0.2.0
5
CVSSv2
CVE-2002-2144
Directory traversal vulnerability in BearShare 4.0.5 and 4.0.6 allows remote malicious users to read files outside of the web root by hex-encoding the "/" (forward slash) or "." (dot) characters.
Free Peers Bearshare 4.0.5
Free Peers Bearshare 4.0.6
4.3
CVSSv2
CVE-2005-2698
Cross-site scripting (XSS) vulnerability in browse.php in Nephp Publisher Enterprise 3.04 allows remote malicious users to inject arbitrary web script or HTML via a hex-encoded keywords parameter.
Nelogic Technologies Nephp Publisher Enterprise 3.04
6.6
CVSSv2
CVE-2021-36169
A Hidden Functionality in Fortinet FortiOS 7.x prior to 7.0.1, FortiOS 6.4.x prior to 6.4.7 allows malicious user to Execute unauthorized code or commands via specific hex read/write operations.
Fortinet Fortios 7.0.0
Fortinet Fortios
5
CVSSv2
CVE-2005-1570
forum.asp in bttlxeForum 2.0 allows remote malicious users to obtain full path information via a certain hex-encoded argument to the page parameter, possibly due to a SQL injection vulnerability.
Battleaxe Software Bttlxeforum 2.0
5
CVSSv2
CVE-2002-2346
phpBB 2.0 up to and including 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote malicious users to obtain client IP addresses.
Phpbb Phpbb 2.0
Phpbb Phpbb 2.0.2
Phpbb Phpbb 2.0.1
Phpbb Phpbb 2.0.3
5
CVSSv2
CVE-2001-1266
Directory traversal vulnerability in Doug Neal's HTTPD Daemon (DNHTTPD) prior to 0.4.1 allows remote malicious users to view arbitrary files via a .. (dot dot) attack using the dot hex code '%2E'.
Doug Neal Dnhttpd 0.4.1
2.6
CVSSv2
CVE-2004-1907
The Web Filtering functionality in Kerio Personal Firewall (KPF) 4.0.13 allows remote malicious users to cause a denial of service (crash) by sending hex-encoded URLs containing "%13%12%13".
1 EDB exploit
7.5
CVSSv2
CVE-2004-2032
Netgear RP114 allows remote malicious users to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences.
Netgear Rp114 3.26
1 EDB exploit
5
CVSSv2
CVE-2005-1198
Directory traversal vulnerability in apexec.pl for Anaconda Foundation Directory allows remote malicious users to read arbitrary files via hex-encoded null characters (%00) in the middle of ".." sequences in the template parameter.
Anaconda Partners Foundation Directory
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »