Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-4012
ntpd will crash if the server is not NTS-enabled (no certificate) and it receives an NTS-enabled client request (mode 3).
Ntpsec Ntpsec 1.2.2
NA
CVE-2023-38501
copyparty is file server software. Prior to version 1.8.7, the application contains a reflected cross-site scripting via URL-parameter `?k304=...` and `?setck=...`. The worst-case outcome of this is being able to move or delete existing files on the server, or upload new files, u...
Copyparty Project Copyparty
1 Github repository
NA
CVE-2023-37259
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored Cross site scripting (XSS). Since the Expo...
Matrix-react-sdk Project Matrix-react-sdk
Matrix-react-sdk Project Matrix-react-sdk 3.76.0
NA
CVE-2022-4023
The 3DPrint WordPress plugin prior to 3.5.6.9 does not protect against CSRF attacks in the modified version of Tiny File Manager included with the plugin, allowing an malicious user to craft a malicious request that will create an archive of any files or directories on the target...
3dprint Project 3dprint
NA
CVE-2023-37474
Copyparty is a portable file server. Versions before 1.8.2 are subject to a path traversal vulnerability detected in the `.cpr` subfolder. The Path Traversal attack technique allows an attacker access to files, directories, and commands that reside outside the web document root d...
Copyparty Project Copyparty
NA
CVE-2023-38198
acme.sh prior to 3.0.6 runs arbitrary commands from a remote server via eval, as exploited in the wild in June 2023.
Acme.sh Project Acme.sh
NA
CVE-2023-37200
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause loss of confidentiality when replacing a project file on the local filesystem and after manual restart of the server.
Se Ecostruxure Opc Ua Server Expert
Se Ecostruxure Opc Ua Server Expert 2.01
NA
CVE-2023-1672
A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.
Tang Project Tang
Fedoraproject Fedora 38
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
NA
CVE-2023-36994
In TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the installation script allows an malicious user to overwrite the server configuration and inject PHP code.
Travianz Project Travianz 8.3.4
Travianz Project Travianz 8.3.3
NA
CVE-2023-36822
Uptime Kuma, a self-hosted monitoring tool, has a path traversal vulnerability in versions before 1.22.1. Uptime Kuma allows authenticated users to install plugins from an official list of plugins. This feature is currently disabled in the web interface, but the corresponding API...
Uptime-kuma Project Uptime-kuma
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5841
file upload
man-in-the-middle
arbitrary
CVE-2024-27801
CVE-2024-28020
CVE-2024-30080
CVE-2024-30069
CVE-2024-5843
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »