Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
popcorn vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-25229
Popcorn Time 0.4.7 has a Stored XSS in the 'Movies API Server(s)' field via the 'settings' page. The 'nodeIntegration' configuration is set to on which allows the 'webpage' to use 'NodeJs' features, an attacker can leverage this t...
Popcorn Time Project Popcorn Time 0.4.7
NA
CVE-2002-1044
Buffer overflow in Ultrafunk Popcorn 1.20 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long Subject field.
Ultrafunk Popcorn 1.20
NA
CVE-2002-1045
Ultrafunk Popcorn 1.20 allows remote malicious users to cause a denial of service (crash) via a malformed Date field that is converted into a year greater than 2037.
Ultrafunk Popcorn 1.20
NA
CVE-2009-1647
Heap-based buffer overflow in popcorn.exe in Ultrafunk Popcorn 1.87 allows remote POP3 servers to cause a denial of service (application crash) via a long string in a +OK response. NOTE: some of these details are obtained from third party information.
Ultrafunk Popcorn 1.87
1 EDB exploit
NA
CVE-2002-1043
Ultrafunk Popcorn 1.20 allows remote malicious users to cause a denial of service (crash) via a malformed Subject ("\t\t").
Ultrafunk Popcorn 1.20
1 EDB exploit
9.8
CVSSv3
CVE-2018-12072
An issue exists in Cloud Media Popcorn A-200 03-05-130708-21-POP-411-000 firmware. It is configured to provide TELNET remote access (without a password) that pops a shell as root. If an attacker can connect to port 23 on the device, he can completely compromise it.
Cloudmedia Popcorn A-200 Firmware 03-05-130708-21-pop-411-000
NA
CVE-2010-0936
Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote malicious users to inject arbitrary web script or HTML via the nickname parameter.
D-link Dkvm-ip8 2282 Dlinka4 P8 20071213
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started