Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an-http vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1546
BRS WebWeaver Web Server 1.01 allows remote malicious users to bypass password protections for files and directories via an HTTP request containing a "/./" sequence.
Brs Webweaver 1.0.1
NA
CVE-2001-1048
AWOL PHP script allows remote malicious users to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
Topher1kenobe Awol 1.2.1
Topher1kenobe Awol 2.01
Topher1kenobe Awol 2.1
Topher1kenobe Awol 1.0
Topher1kenobe Awol 1.0.1
Topher1kenobe Awol 1.2
Topher1kenobe Awol 2.0
NA
CVE-2001-1052
Empris PHP script allows remote malicious users to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
Emergenices Personnel Information System Empris 0.4
Emergenices Personnel Information System Empris 2001-08-10
Emergenices Personnel Information System Empris 2001-09-08
NA
CVE-2001-1054
PHPAdsNew PHP script allows remote malicious users to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
Phpadsnew Phpadsnew 2.0 Beta5
NA
CVE-2001-1296
More.groupware PHP script allows remote malicious users to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
Marc Logemann More.groupware 0.5.1
NA
CVE-2005-1708
templates.admin.users.user_form_processing in Blue Coat Reporter prior to 7.1.2 allows authenticated users to gain administrator privileges via an HTTP POST that sets volatile.user.administrator to true.
Bluecoat Reporter
1 EDB exploit
NA
CVE-2003-0312
Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in an HTTP request.
Snowblind.net Snowblind Web Server 1.0
1 EDB exploit
4.3
CVSSv3
CVE-2023-30529
Jenkins Lucene-Search Plugin 387.v938a_ecb_f7fe9 and previous versions does not require POST requests for an HTTP endpoint, allowing malicious users to reindex the database.
Jenkins Lucene-search
4.9
CVSSv3
CVE-2022-39166
IBM Security Guardium 11.4 could allow a privileged user to obtain sensitive information inside of an HTTP response. IBM X-Force ID: 235405.
Ibm Security Guardium 11.4
9.8
CVSSv3
CVE-2020-8427
In Unitrends Backup prior to 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass.
Unitrends Backup
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »