Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an-http vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2010-5336
IceWarp Webclient prior to 10.2.1 has XSS via an HTTP POST request: admin/login.html with the parameter username is persistent in 10.2.0.
Icewarp Webclient
7.5
CVSSv2
CVE-2002-1541
BadBlue 1.7 allows remote malicious users to bypass password protections for directories and files via an HTTP request containing an extra / (slash).
Working Resources Inc. Badblue 1.7.0
7.5
CVSSv2
CVE-2002-1061
Multiple buffer overflows in Thomas Hauck Jana Server 2.x up to and including 2.2.1, and 1.4.6 and previous versions, allow remote malicious users to cause a denial of service and possibly execute arbitrary code via (1) an HTTP GET request with a long major version number, (2) an...
T. Hauck Jana Web Server 1.0
T. Hauck Jana Web Server 1.45
T. Hauck Jana Web Server 1.46
T. Hauck Jana Web Server 2.0 Beta1
T. Hauck Jana Web Server 2.2.1
T. Hauck Jana Web Server 2.0
T. Hauck Jana Web Server 2.0 Beta2
5
CVSSv2
CVE-2011-4712
Directory traversal vulnerability in Oxide WebServer allows remote malicious users to read arbitrary files via a ..\ (dot dot backslash) in an HTTP request.
Monoxide0184 Oxide Webserver
1 EDB exploit
5
CVSSv2
CVE-2004-1743
Easy File Sharing (EFS) Webserver 1.25 allows remote malicious users to view arbitrary files via an HTTP request for the disk_c virtual folder.
Efs Software Efs Web Server 1.2
Efs Software Efs Web Server 1.25
5
CVSSv2
CVE-2005-0507
Directory traversal vulnerability in SD Server 4.0.70 and previous versions allows remote malicious users to read arbitrary files via .. sequences in an HTTP request.
Gd Software Sd Server 4.0.70
5
CVSSv2
CVE-2002-2229
Directory traversal vulnerability in Sapio Design Ltd. WebReflex 1.53 allows remote malicious users to read arbitrary files via a .. in an HTTP request.
Sapio Design Ltd Webreflex 1.53
NA
CVE-2023-46012
Buffer Overflow vulnerability LINKSYS EA7500 3.0.1.207964 allows a remote malicious user to execute arbitrary code via an HTTP request to the IGD UPnP.
1 Github repository
5
CVSSv2
CVE-2018-19516
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications prior to 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value.
Kde Kde Applications
7.5
CVSSv2
CVE-2020-14932
compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.
Squirrelmail Squirrelmail 1.4.22
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »