Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an-http vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-27569
The eo_tags package prior to 1.3.0 for PrestaShop allows SQL injection via an HTTP User-Agent or Referer header.
Prestashop Eo Tags
NA
CVE-2009-13573
Core Security Technologies Advisory - An HTTP Response Splitting vulnerability has been discovered in Sun Java System Delegated Administrator.
NA
CVE-2009-2064
Microsoft Internet Explorer 8, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle malicious users to execute arbitrary web script, in an https site's context, by modifying an http page...
Microsoft Internet Explorer 6
Microsoft Pocket Ie 1.1
Microsoft Pocket Ie 2.0
Microsoft Internet Explorer 8
Microsoft Internet Explorer 8.0b
Microsoft Pocket Ie 3.0
Microsoft Pocket Ie 4.0
Microsoft Internet Explorer 5
Microsoft Internet Explorer 5.01
Microsoft Pocket Ie 1.0
Microsoft Internet Explorer
Microsoft Internet Explorer 7
Microsoft Internet Explorer 7.0.5730
Microsoft Pocket Ie 2002
Microsoft Pocket Ie 2003
7.5
CVSSv3
CVE-2020-28851
In x/text in Go 1.15.4, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
Golang Go 1.15.4
4.5
CVSSv3
CVE-2022-4130
A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.
Redhat Satellite 6.11
Redhat Satellite 6.9
Redhat Satellite 6.10
NA
CVE-2001-0391
Xitami 2.5d4 and previous versions allows remote malicious users to crash the server via an HTTP request to the /aux directory.
Imatix Xitami 2.4d7
Imatix Xitami 2.5d4
NA
CVE-2004-1590
Clientexec allows remote malicious users to gain sensitive information via an HTTP request to phpinfo.php, which calls the phpinfo function.
Clientexec Clientexec 2.2.1
5.3
CVSSv3
CVE-2022-45027
perfSONAR prior to 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address.
Perfsonar Perfsonar
NA
CVE-2004-2385
EMU Webmail 5.2.7 allows remote malicious users to obtain sensitive path information (home directory) via an HTTP request for init.emu.
Emumail Emu Webmail 5.2.7
1 EDB exploit
NA
CVE-2002-0433
Pi3Web 2.0.0 allows remote malicious users to view restricted files via an HTTP request containing a "*" (wildcard or asterisk) character.
Pi3 Pi3web 2.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »