Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-10389
Format string vulnerability in the logMess function in TFTP Server MT 1.65 and previous versions allows remote malicious users to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet.
Open Tftp Server Project Open Tftp Server
9.8
CVSSv3
CVE-2019-12568
Stack-based overflow vulnerability in the logMess function in Open TFTP Server SP 1.66 and previous versions allows remote malicious users to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-...
Open Tftp Server Project Open Tftp Server
7.2
CVSSv3
CVE-2021-24662
The Game Server Status WordPress plugin up to and including 1.0 does not validate or escape the server_id parameter before using it in SQL statement, leading to an Authenticated SQL Injection in an admin page
Game-server-status Project Game-server-status
9.8
CVSSv3
CVE-2021-40818
scheme/webauthn.c in Glewlwyd SSO server up to and including 2.5.3 has a buffer overflow during FIDO2 signature validation in webauthn registration.
Glewlwyd Sso Server Project Glewlwyd Sso Server
7.5
CVSSv3
CVE-2020-35857
An issue exists in the trust-dns-server crate prior to 0.18.1 for Rust. DNS MX and SRV null targets are mishandled, causing stack consumption.
Trust-dns-server Project Trust-dns-server
6.1
CVSSv3
CVE-2018-3726
crud-file-server node module prior to 0.8.0 suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names.
Crud-file-server Project Crud-file-server
7.5
CVSSv3
CVE-2018-3733
crud-file-server node module prior to 0.9.0 suffers from a Path Traversal vulnerability due to incorrect validation of url, which allows a malicious user to read content of any file with known path.
Crud-file-server Project Crud-file-server
6.1
CVSSv3
CVE-2023-4495
Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST method), in the Resume parameter. The XSS is loaded from /register.ghp.
Easy Chat Server Project Easy Chat Server
6.1
CVSSv3
CVE-2023-4496
Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /body2.ghp (POST method), in the mtowho parameter.
Easy Chat Server Project Easy Chat Server
6.1
CVSSv3
CVE-2023-4497
Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST method), in the Icon parameter. The XSS is loaded from /users.ghp.
Easy Chat Server Project Easy Chat Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »