Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
badblue vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2003
BadBlue 2.72 Personal Edition stores multiple programs in the web document root with insufficient access control, which allows remote malicious users to (1) cause a denial of service via multiple invocations of uninst.exe, and have an unknown impact via (2) badblue.exe and (3) dy...
Badblue Badblue 2.72
NA
CVE-2007-6377
Stack-based buffer overflow in the PassThru functionality in ext.dll in BadBlue 2.72b and previous versions allows remote malicious users to execute arbitrary code via a long query string.
Badblue Badblue
3 EDB exploits
NA
CVE-2007-6378
Directory traversal vulnerability in upload.dll in BadBlue 2.72b and previous versions allows remote malicious users to create or overwrite arbitrary files via a .. (dot dot) in the filename parameter.
Badblue Badblue
1 EDB exploit
NA
CVE-2007-6379
BadBlue 2.72b and previous versions allows remote malicious users to obtain sensitive information via an invalid browse parameter, which reveals the installation path in an error message.
Badblue Badblue
1 EDB exploit
NA
CVE-2005-0595
Buffer overflow in ext.dll in BadBlue 2.55 allows remote malicious users to execute arbitrary code via a long mfcisapicommand parameter.
Working Resources Inc. Badblue 2.55
2 EDB exploits
NA
CVE-2004-2374
BadBlue 2.4 allows remote malicious users to obtain the location of the server installation path via a request for phptest.php, which includes the pathname in the source of the resulting HTML.
Working Resources Inc. Badblue 2.40
1 EDB exploit
NA
CVE-2004-1727
BadBlue 2.5 allows remote malicious users to cause a denial of service (refuse HTTP connections) via a large number of connections from the same IP address.
Working Resources Inc. Badblue 2.50
1 EDB exploit
NA
CVE-2003-0332
The ISAPI extension in BadBlue 1.7 up to and including 2.2, and possibly earlier versions, modifies the first two letters of a filename extension after performing a security check, which allows remote malicious users to bypass authentication via a filename with a .ats extension i...
Working Resources Inc. Badblue
1 EDB exploit
NA
CVE-2002-1541
BadBlue 1.7 allows remote malicious users to bypass password protections for directories and files via an HTTP request containing an extra / (slash).
Working Resources Inc. Badblue 1.7.0
NA
CVE-2002-1685
Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition and Personal Edition 1.7 and 1.7.2 allows remote malicious users to execute arbitrary script as other users by injecting script into ext.dll ISAPI.
Working Resources Inc. Badblue Enterprise 1.7.2
Working Resources Inc. Badblue Personal 1.7
Working Resources Inc. Badblue Personal 1.7.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »