Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-3733
crud-file-server node module prior to 0.9.0 suffers from a Path Traversal vulnerability due to incorrect validation of url, which allows a malicious user to read content of any file with known path.
Crud-file-server Project Crud-file-server
NA
CVE-2023-26104
All versions of the package lite-web-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.
Lite-web-server Project Lite-web-server -
7.5
CVSSv2
CVE-2022-27240
scheme/webauthn.c in Glewlwyd SSO server 2.x prior to 2.6.2 has a buffer overflow associated with a webauthn assertion.
Glewlwyd Sso Server Project Glewlwyd Sso Server
NA
CVE-2022-35868
A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser Server V15 (All versions < V15.1 Update 8), TIA Project-Server (All versions < V1.1), TIA Project-Server V16 (All versions), TIA Project-Server V17 (All versions < V17 Update 6)...
Siemens Tia Project-server 1.0
Siemens Tia Multiuser Server 14
Siemens Tia Multiuser Server 16
Siemens Tia Multiuser Server 15
Siemens Tia Multiuser Server 15.1
Siemens Tia Project-server 17
7.5
CVSSv2
CVE-2018-18861
Buffer overflow in PCMan FTP Server 2.0.7 allows for remote code execution via the APPE command.
Pcman Ftp Server Project Pcman Ftp Server 2.0.7
5
CVSSv2
CVE-2019-11383
An issue exists in the Medha WiFi FTP Server application 1.8.3 for Android. An attacker can read the username/password of a valid user via /data/data/com.medhaapps.wififtpserver/shared_prefs/com.medhaapps.wififtpserver_preferences.xml
Wifi Ftp Server Project Wifi Ftp Server 1.8.3
3.5
CVSSv2
CVE-2021-43459
A Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the (1) domain and (2) path parameters.
Rumble Mail Server Project Rumble Mail Server 0.51.3135
3.5
CVSSv2
CVE-2021-43461
Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the servername parameter.
Rumble Mail Server Project Rumble Mail Server 0.51.3135
3.5
CVSSv2
CVE-2021-43462
A Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the username parameter.
Rumble Mail Server Project Rumble Mail Server 0.51.3135
NA
CVE-2022-25848
This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory.
Static-dev-server Project Static-dev-server 1.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »