Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
change uploaded file permissions project change uploaded file permissions vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2022-1788
Due to missing checks the Change Uploaded File Permissions WordPress plugin up to and including 4.0.0 is vulnerable to CSRF attacks. This can be used to change the file and folder permissions of any folder. This could be problematic when specific files like ini files are made rea...
Change Uploaded File Permissions Project Change Uploaded File Permissions
125
VMScore
CVE-2003-0462
A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).
Mandrakesoft Mandrake Multi Network Firewall 8.2
Linux Linux Kernel 2.4.1
Linux Linux Kernel 2.4.10
Linux Linux Kernel 2.4.13
Linux Linux Kernel 2.4.14
Linux Linux Kernel 2.4.20
Linux Linux Kernel 2.4.21
Linux Linux Kernel 2.4.9
Mandrakesoft Mandrake Linux 8.2
Linux Linux Kernel 2.4.11
Linux Linux Kernel 2.4.12
Linux Linux Kernel 2.4.19
Linux Linux Kernel 2.4.2
Linux Linux Kernel 2.4.7
Linux Linux Kernel 2.4.8
Linux Linux Kernel 2.4.17
Linux Linux Kernel 2.4.18
Linux Linux Kernel 2.4.5
Linux Linux Kernel 2.4.6
Linux Linux Kernel 2.4.0
Linux Linux Kernel 2.4.15
Linux Linux Kernel 2.4.16
1 EDB exploit
215
VMScore
CVE-2003-0501
The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries.
Linux Linux Kernel 2.6.20.1
1 EDB exploit
187
VMScore
CVE-2003-0476
The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.
Linux Linux Kernel 2.4.0
320
VMScore
CVE-2003-0018
Linux kernel 2.4.10 up to and including 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption.
Linux Linux Kernel 2.4.15
Linux Linux Kernel 2.4.11
Linux Linux Kernel 2.4.12
Linux Linux Kernel 2.4.13
Linux Linux Kernel 2.4.17
Linux Linux Kernel 2.4.10
Linux Linux Kernel 2.4.16
Linux Linux Kernel 2.4.19
Linux Linux Kernel 2.4.14
Linux Linux Kernel 2.4.18
187
VMScore
CVE-2003-0461
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
Redhat Linux 7.1
Redhat Linux 7.2
Redhat Linux 9.0
Redhat Linux 7.3
Redhat Linux 8.0
445
VMScore
CVE-2003-0550
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows malicious users to modify the bridge topology.
Redhat Linux 2.4.2
445
VMScore
CVE-2003-0551
The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow malicious users to cause a denial of service.
Redhat Linux 2.4.2
445
VMScore
CVE-2003-0552
Linux 2.4.x allows remote malicious users to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target.
Redhat Linux 2.4.2
730
VMScore
CVE-2003-0961
Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and previous versions allows local users to gain root privileges.
Linux Linux Kernel
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »