Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an-http vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2003-0317
iisPROTECT 2.1 and 2.2 allows remote malicious users to bypass authentication via an HTTP request containing URL-encoded characters.
Iisprotect Iisprotect 2.1
Iisprotect Iisprotect 2.2
1 EDB exploit
NA
CVE-2009-13573
Core Security Technologies Advisory - An HTTP Response Splitting vulnerability has been discovered in Sun Java System Delegated Administrator.
445
VMScore
CVE-2020-28851
In x/text in Go 1.15.4, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
Golang Go 1.15.4
605
VMScore
CVE-2009-2064
Microsoft Internet Explorer 8, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle malicious users to execute arbitrary web script, in an https site's context, by modifying an http page...
Microsoft Internet Explorer 6
Microsoft Pocket Ie 1.1
Microsoft Pocket Ie 2.0
Microsoft Internet Explorer 8
Microsoft Internet Explorer 8.0b
Microsoft Pocket Ie 3.0
Microsoft Pocket Ie 4.0
Microsoft Internet Explorer 5
Microsoft Internet Explorer 5.01
Microsoft Pocket Ie 1.0
Microsoft Internet Explorer
Microsoft Internet Explorer 7
Microsoft Internet Explorer 7.0.5730
Microsoft Pocket Ie 2002
Microsoft Pocket Ie 2003
NA
CVE-2022-4130
A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.
Redhat Satellite 6.11
Redhat Satellite 6.9
Redhat Satellite 6.10
1000
VMScore
CVE-2005-2420
flsearch.pl in FtpLocate 2.02 allows remote malicious users to execute arbitrary commands via shell metacharacters in an HTTP GET request.
1 EDB exploit
445
VMScore
CVE-2001-0391
Xitami 2.5d4 and previous versions allows remote malicious users to crash the server via an HTTP request to the /aux directory.
Imatix Xitami 2.4d7
Imatix Xitami 2.5d4
445
VMScore
CVE-2002-0433
Pi3Web 2.0.0 allows remote malicious users to view restricted files via an HTTP request containing a "*" (wildcard or asterisk) character.
Pi3 Pi3web 2.0.0
445
VMScore
CVE-2004-1590
Clientexec allows remote malicious users to gain sensitive information via an HTTP request to phpinfo.php, which calls the phpinfo function.
Clientexec Clientexec 2.2.1
NA
CVE-2022-45027
perfSONAR prior to 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address.
Perfsonar Perfsonar
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »