Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
craig heffner vulnerabilities and exploits
(subscribe to this query)
8.5
CVSSv2
CVE-2013-6027
Stack-based buffer overflow in the RuntimeDiagnosticPing function in /bin/webs on D-Link DIR-100 routers might allow remote authenticated administrators to execute arbitrary commands via a long set/runtime/diagnostic/pingIp parameter to Tools/tools_misc.xgi.
Dlink Dir-100 -
1 EDB exploit
10
CVSSv2
CVE-2013-6026
The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote malicious users to bypass authentication and modify settings via an xmlset_r...
Dlink Di-604s -
Dlink Tm-g5240 -
Dlink Di-524up -
Dlink Di-604up -
Dlink Di-624s -
Dlink Di-604\\+ -
Dlink Dir-120 -
Dlink Dir-100 -
Alphanetworks Vdsl Asl-55052 -
Alphanetworks Vdsl Asl-56552 -
Planex Brl-04r -
Planex Brl-04cw -
Planex Brl-04ur -
2 Github repositories
5
CVSSv2
CVE-2006-7133
Directory traversal vulnerability in upload/bin/download.php in Upload Tool for PHP 1.0 allows remote malicious users to read arbitrary files via (1) ".." sequences or (2) absolute pathnames in the filename parameter.
Php Upload Tool Php Upload Tool 1.0
1 EDB exploit
10
CVSSv2
CVE-2007-1225
The connection log file implementation in Grok Developments NetProxy 4.03 does not record requests that omit http:// in a URL, which might allow remote malicious users to conduct unauthorized activities and avoid detection.
Grok Developments Netproxy 4.03
1 EDB exploit
7.5
CVSSv2
CVE-2007-1250
SQL injection vulnerability in section/default.asp in ANGEL Learning Management Suite (LMS) 7.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Angel Learning Learning Management Suite 7.1
1 EDB exploit
10
CVSSv2
CVE-2006-7134
Unrestricted file upload vulnerability in main_user.php in Upload Tool for PHP 1.0 allows remote malicious users to upload and execute arbitrary files with executable extensions such as .php. NOTE: the provenance of this information is unknown; the details are obtained solely fro...
Noah Spurrier Upload Tool For Php 1.0
1 EDB exploit
5
CVSSv2
CVE-2006-6028
Directory traversal vulnerability in textview.php in Anton Vlasov DoSePa 1.0.4 allows remote malicious users to read arbitrary files via a .. (dot dot) sequence or absolute file path in the file parameter.
Anton Vlasov Dosepa 1.0.4
1 EDB exploit
7.5
CVSSv2
CVE-2006-5889
SQL injection vulnerability in printLog.php in BrewBlogger (BB) 1.3.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Brewblogger Brewblogger 1.3.1
1 EDB exploit
5
CVSSv2
CVE-2007-1224
Grok Developments NetProxy 4.03 allows remote malicious users to bypass URL filtering via a request that omits "http://" from the URL and specifies the destination port (:80).
Grok Developments Netproxy 4.03
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started