Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
storm vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-7171
Multiple cross-site scripting (XSS) vulnerabilities in Lightweight news portal (LNP) 1.0b allow remote malicious users to inject arbitrary web script or HTML via the (1) photo parameter to show_photo.php, (2) potd parameter to show_potd.php, or (3) the Current question field in a...
Yanick Bourbeau Lightweight News Portal 1.0b
1 EDB exploit
NA
CVE-2008-7172
Lightweight news portal (LNP) 1.0b does not properly restrict access to administrator functionality, which allows remote malicious users to gain administrator privileges via direct requests to admin.php with the (1) potd_delete, (2) potd, (3) vote_update, (4) vote, or (5) modifyn...
Yanick Bourbeau Lightweight News Portal 1.0b
1 EDB exploit
NA
CVE-2009-2617
Stack-based buffer overflow in medialib.dll in BaoFeng Storm 3.9.62 allows remote malicious users to execute arbitrary code via a long pathname in the source attribute of an item element in a .smpl playlist file.
Baofeng Storm 3.9.62
1 EDB exploit
NA
CVE-2009-1807
Unspecified vulnerability in Config.dll in Baofeng products 3.09.04.17 and previous versions allows remote malicious users to execute arbitrary code by calling the SetAttributeValue method, as exploited in the wild in April and May 2009.
Baofeng Storm 2.7.9 8
Baofeng Storm 2.8
Baofeng Storm 2.9
Baofeng Storm
Baofeng Storm 2.7.9 10
1 EDB exploit
NA
CVE-2008-6813
SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote malicious users to execute arbitrary SQL commands via the id_kat parameter.
Surat Kabar Phpwebnews 0.2
1 EDB exploit
NA
CVE-2009-1612
Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control in mps.dll 3.9.4.27 in Baofeng Storm allows remote malicious users to execute arbitrary code via a long argument to the OnBeforeVideoDownload method, as exploited in the wild in April and May 2009. NOTE: some of...
Baofeng Storm 2.9
Baofeng Storm 2.8
Baofeng Storm 2.7.9 8
Baofeng Storm 3.9.4 27
Baofeng Storm 3.9.3 30
Baofeng Storm 3.9.4 17
Baofeng Storm 2.7.9 10
Baofeng Storm 3.9.3 25
2 EDB exploits
NA
CVE-2009-0758
The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote malicious users to cause a denial of service (networ...
Avahi Avahi-daemon 0.6.23
NA
CVE-2008-6383
SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x prior to 5.x-1.14 and 6.x prior to 6.x-1.18, a module for Drupal, allows remote authenticated users with storm project access to execute arbitrary SQL commands via unspecified vectors.
Drupal Storm 5.x-1.13
Drupal Storm 5.x-1.7
Drupal Storm 5.x-1.4
Drupal Storm 6.x-1.16
Drupal Storm 6.x-1.15
Drupal Storm 6.x-1.14
Drupal Storm 6.x-1.7
Drupal Storm 6.x-1.8
Drupal Storm 6.x-1.x-dev
Drupal Storm 5.x-1.12
Drupal Storm 5.x-1.11
Drupal Storm 5.x-1.5
Drupal Storm 5.x-1.3
Drupal Storm 6.x-1.13
Drupal Storm 6.x-1.12
Drupal Storm 6.x-1.4
Drupal Storm 6.x-1.5
Drupal Storm 5.x-1.8
Drupal Storm 5.x-1.6
Drupal Storm 5.x-1.x-dev
Drupal Storm 6.x-1.17
Drupal Storm 6.x-1.9
NA
CVE-2008-0405
Multiple directory traversal vulnerabilities in HTTP File Server (HFS) prior to 2.2c, when account names are used as log filenames, allow remote malicious users to create arbitrary (1) files and (2) directories via a .. (dot dot) in an account name, when requesting the / URI; and...
Hfs Http File Server
NA
CVE-2008-0406
HTTP File Server (HFS) prior to 2.2c, when account names are used as log filenames, allows remote malicious users to cause a denial of service (daemon crash) via a long account name.
Hfs Http File Server
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »