Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
storm vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-7172
Lightweight news portal (LNP) 1.0b does not properly restrict access to administrator functionality, which allows remote malicious users to gain administrator privileges via direct requests to admin.php with the (1) potd_delete, (2) potd, (3) vote_update, (4) vote, or (5) modifyn...
Yanick Bourbeau Lightweight News Portal 1.0b
1 EDB exploit
NA
CVE-2008-7171
Multiple cross-site scripting (XSS) vulnerabilities in Lightweight news portal (LNP) 1.0b allow remote malicious users to inject arbitrary web script or HTML via the (1) photo parameter to show_photo.php, (2) potd parameter to show_potd.php, or (3) the Current question field in a...
Yanick Bourbeau Lightweight News Portal 1.0b
1 EDB exploit
NA
CVE-2009-2617
Stack-based buffer overflow in medialib.dll in BaoFeng Storm 3.9.62 allows remote malicious users to execute arbitrary code via a long pathname in the source attribute of an item element in a .smpl playlist file.
Baofeng Storm 3.9.62
1 EDB exploit
NA
CVE-2009-1807
Unspecified vulnerability in Config.dll in Baofeng products 3.09.04.17 and previous versions allows remote malicious users to execute arbitrary code by calling the SetAttributeValue method, as exploited in the wild in April and May 2009.
Baofeng Storm 2.7.9 8
Baofeng Storm 2.8
Baofeng Storm 2.9
Baofeng Storm
Baofeng Storm 2.7.9 10
1 EDB exploit
NA
CVE-2008-6813
SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote malicious users to execute arbitrary SQL commands via the id_kat parameter.
Surat Kabar Phpwebnews 0.2
1 EDB exploit
NA
CVE-2009-1612
Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control in mps.dll 3.9.4.27 in Baofeng Storm allows remote malicious users to execute arbitrary code via a long argument to the OnBeforeVideoDownload method, as exploited in the wild in April and May 2009. NOTE: some of...
Baofeng Storm 2.9
Baofeng Storm 2.8
Baofeng Storm 2.7.9 8
Baofeng Storm 3.9.4 27
Baofeng Storm 3.9.3 30
Baofeng Storm 3.9.4 17
Baofeng Storm 2.7.9 10
Baofeng Storm 3.9.3 25
2 EDB exploits
NA
CVE-2009-0758
The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote malicious users to cause a denial of service (networ...
Avahi Avahi-daemon 0.6.23
NA
CVE-2008-6383
SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x prior to 5.x-1.14 and 6.x prior to 6.x-1.18, a module for Drupal, allows remote authenticated users with storm project access to execute arbitrary SQL commands via unspecified vectors.
Drupal Storm 5.x-1.13
Drupal Storm 5.x-1.7
Drupal Storm 5.x-1.4
Drupal Storm 6.x-1.16
Drupal Storm 6.x-1.15
Drupal Storm 6.x-1.14
Drupal Storm 6.x-1.7
Drupal Storm 6.x-1.8
Drupal Storm 6.x-1.x-dev
Drupal Storm 5.x-1.12
Drupal Storm 5.x-1.11
Drupal Storm 5.x-1.5
Drupal Storm 5.x-1.3
Drupal Storm 6.x-1.13
Drupal Storm 6.x-1.12
Drupal Storm 6.x-1.4
Drupal Storm 6.x-1.5
Drupal Storm 5.x-1.8
Drupal Storm 5.x-1.6
Drupal Storm 5.x-1.x-dev
Drupal Storm 6.x-1.17
Drupal Storm 6.x-1.9
NA
CVE-2008-0405
Multiple directory traversal vulnerabilities in HTTP File Server (HFS) prior to 2.2c, when account names are used as log filenames, allow remote malicious users to create arbitrary (1) files and (2) directories via a .. (dot dot) in an account name, when requesting the / URI; and...
Hfs Http File Server
NA
CVE-2008-0407
HTTP File Server (HFS) prior to 2.2c tags HTTP request log entries with the username sent during HTTP Basic Authentication, regardless of whether authentication succeeded, which might make it more difficult for an administrator to determine who made a remote request.
Hfs Http File Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »