Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
andreas vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-4210
nu_mail.inc.php in Andreas Kansok phPay 2.02 and 2.02.1, when register_globals is enabled, allows remote malicious users to use the server as an open mail relay via modified mail_text2, user_row[5], nu_mail_1, and shop_mail parameters. NOTE: some of these details are obtained fro...
Andreas Kansok Phpay 2.02
Andreas Kansok Phpay 2.02.1
1 EDB exploit
NA
CVE-2002-0137
CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file.
Andreas Mueller Cdrdao 1.1.4
Andreas Mueller Cdrdao 1.1.5
4 EDB exploits
NA
CVE-2002-0138
CDRDAO 1.1.4 and 1.1.5 allows local users to read arbitrary files via the show-data command.
Andreas Mueller Cdrdao 1.1.5
Andreas Mueller Cdrdao 1.1.4
NA
CVE-2006-5098
lib/exec/fetch.php in DokuWiki prior to 2006-03-09e allows remote malicious users to cause a denial of service (CPU consumption) via large w and h parameters, when resizing an image.
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
Andreas Gohr Dokuwiki Release 2006-03-05
NA
CVE-2006-5099
lib/exec/fetch.php in DokuWiki prior to 2006-03-09e, when conf[imconvert] is configured to use ImageMagick, allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) w and (2) h parameters, which are not filtered when invoking convert.
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
NA
CVE-2006-6965
CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged...
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
NA
CVE-2013-2208
tpp 1.3.1 allows remote malicious users to execute arbitrary commands via a --exec command in a TPP template file.
Andreas Krennmair Tpp 1.3.1
NA
CVE-2007-4232
PHP remote file inclusion vulnerability in admin/inc/change_action.php in Andreas Robertz PHPNews 0.93 allows remote malicious users to execute arbitrary PHP code via a URL in the format_menue parameter.
Andreas Robertz Phpnews 0.93
1 EDB exploit
NA
CVE-2012-2128
Cross-site request forgery (CSRF) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote malicious users to hijack the authentication of administrators for requests that add arbitrary users. NOTE: this issue has been disputed by the vendor, who states that it is res...
Andreas Gohr Dokuwiki 2012-01-25
NA
CVE-2012-2129
Cross-site scripting (XSS) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote malicious users to inject arbitrary web script or HTML via the target parameter in an edit action.
Andreas Gohr Dokuwiki 2012-01-25
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »