Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
felipe daragon vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1464
Multiple cross-site request forgery (CSRF) vulnerabilities in index.aas in Application Access Server (A-A-S) 2.0.48 allow remote malicious users to hijack the authentication of administrators for requests that (1) execute arbitrary programs via a command job, (2) stop services vi...
Klinzmann Application Access Server 2.0.48
NA
CVE-2010-3743
Directory traversal vulnerability in Visual Synapse HTTP Server 1.0 RC1 through RC3, and 0.60 and previous versions, allows remote malicious users to read arbitrary files via a .. (dot dot) in the URI.
Rene Tegel Visual Synapse
Rene Tegel Visual Synapse 0.50
Rene Tegel Visual Synapse 1.0
NA
CVE-2009-1465
Application Access Server (A-A-S) 2.0.48 has "wildbat" as its default password for the admin account, which makes it easier for remote malicious users to obtain access.
Klinzmann Application Access Server 2.0.48
5.5
CVSSv3
CVE-2009-1466
Application Access Server (A-A-S) 2.0.48 stores (1) passwords and (2) the port keyword in cleartext in aas.ini, which allows local users to obtain sensitive information by reading this file.
Klinzmann Application Access Server 2.0.48
NA
CVE-2008-0410
HTTP File Server (HFS) prior to 2.2c allows remote malicious users to obtain configuration and usage details by using an id element such as <id>%version%</id> in HTTP Basic Authentication instead of a username and password, as demonstrated by placing this id element i...
Hfs Http File Server
NA
CVE-2008-0409
Cross-site scripting (XSS) vulnerability in HTTP File Server (HFS) prior to 2.2c allows remote malicious users to inject arbitrary web script or HTML via the userinfo subcomponent of a URL.
Hfs Http File Server
NA
CVE-2008-0408
HTTP File Server (HFS) prior to 2.2c allows remote malicious users to append arbitrary text to the log file by using the base64 representation of this text during HTTP Basic Authentication.
Hfs Http File Server
NA
CVE-2008-0405
Multiple directory traversal vulnerabilities in HTTP File Server (HFS) prior to 2.2c, when account names are used as log filenames, allow remote malicious users to create arbitrary (1) files and (2) directories via a .. (dot dot) in an account name, when requesting the / URI; and...
Hfs Http File Server
NA
CVE-2008-0407
HTTP File Server (HFS) prior to 2.2c tags HTTP request log entries with the username sent during HTTP Basic Authentication, regardless of whether authentication succeeded, which might make it more difficult for an administrator to determine who made a remote request.
Hfs Http File Server
NA
CVE-2008-0406
HTTP File Server (HFS) prior to 2.2c, when account names are used as log filenames, allows remote malicious users to cause a denial of service (daemon crash) via a long account name.
Hfs Http File Server
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started