Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xml-rpc vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-1992
The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote malicious users to execute arbitrary commands.
Yukihiro Matsumoto Ruby 1.8
NA
CVE-2014-9057
SQL injection vulnerability in the XML-RPC interface in Movable Type prior to 5.18, 5.2.x prior to 5.2.11, and 6.x prior to 6.0.6 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Debian Debian Linux 7.0
Sixapart Movable Type 6.0.5
Sixapart Movable Type 6.0
Sixapart Movable Type 5.2.2
Sixapart Movable Type 5.2.4
Sixapart Movable Type 5.2.9
Sixapart Movable Type
Sixapart Movable Type 6.0.4
Sixapart Movable Type 6.0.3
Sixapart Movable Type 6.0.2
Sixapart Movable Type 6.0.1
Sixapart Movable Type 5.2.5
Sixapart Movable Type 5.2.6
Sixapart Movable Type 5.2.7
Sixapart Movable Type 5.2.8
Sixapart Movable Type 5.2
Sixapart Movable Type 5.2.3
Sixapart Movable Type 5.2.10
NA
CVE-2010-3583
Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle ...
Oracle Vm 2.2.1
NA
CVE-2005-2498
Eval injection vulnerability in PHPXMLRPC 1.1.1 and previous versions (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote malicious users to execute arbitrary PHP code via certain nested XML t...
Gggeek Phpxmlrpc
Debian Debian Linux 3.1
NA
CVE-2010-0597
Unspecified vulnerability in Cisco Mediator Framework 1.5.1 prior to 1.5.1.build.14-eng, 2.2 prior to 2.2.1.dev.1, and 3.0 prior to 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 allows remote authenticated users t...
Cisco Mediator Framework 2.2
Cisco Mediator Framework 3.0.8
Cisco Mediator Framework 1.5.1
NA
CVE-2010-0600
Cisco Mediator Framework 1.5.1 prior to 1.5.1.build.14-eng, 2.2 prior to 2.2.1.dev.1, and 3.0 prior to 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not properly restrict network access to an unspecified conf...
Cisco Mediator Framework 2.2
Cisco Mediator Framework 3.0.8
Cisco Mediator Framework 1.5.1
6.1
CVSSv3
CVE-2019-16935
The documentation XML-RPC server in Python up to and including 2.7.16, 3.x up to and including 3.6.9, and 3.7.x up to and including 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_ser...
Python Python
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
NA
CVE-2005-0089
The SimpleXMLRPCServer library module in Python 2.2, 2.3 prior to 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote malicious users to read or modify globals of the associated module,...
Python Python 2.4.0
Python Python
NA
CVE-2007-5824
webserver.c in mt-dappd in Firefly Media Server 0.2.4 and previous versions allows remote malicious users to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in ...
Firefly Media Server
1 EDB exploit
NA
CVE-2007-5825
Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and previous versions allows remote malicious users to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or ...
Firefly Media Server 0.2.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »