Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
craig heffner vulnerabilities and exploits
(subscribe to this query)
855
VMScore
CVE-2013-6027
Stack-based buffer overflow in the RuntimeDiagnosticPing function in /bin/webs on D-Link DIR-100 routers might allow remote authenticated administrators to execute arbitrary commands via a long set/runtime/diagnostic/pingIp parameter to Tools/tools_misc.xgi.
Dlink Dir-100 -
1 EDB exploit
891
VMScore
CVE-2013-6026
The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote malicious users to bypass authentication and modify settings via an xmlset_r...
Dlink Di-604s -
Dlink Tm-g5240 -
Dlink Di-524up -
Dlink Di-604up -
Dlink Di-624s -
Dlink Di-604\\+ -
Dlink Dir-120 -
Dlink Dir-100 -
Alphanetworks Vdsl Asl-55052 -
Alphanetworks Vdsl Asl-56552 -
Planex Brl-04r -
Planex Brl-04cw -
Planex Brl-04ur -
2 Github repositories
755
VMScore
CVE-2006-5889
SQL injection vulnerability in printLog.php in BrewBlogger (BB) 1.3.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Brewblogger Brewblogger 1.3.1
1 EDB exploit
505
VMScore
CVE-2006-7133
Directory traversal vulnerability in upload/bin/download.php in Upload Tool for PHP 1.0 allows remote malicious users to read arbitrary files via (1) ".." sequences or (2) absolute pathnames in the filename parameter.
Php Upload Tool Php Upload Tool 1.0
1 EDB exploit
1000
VMScore
CVE-2006-7134
Unrestricted file upload vulnerability in main_user.php in Upload Tool for PHP 1.0 allows remote malicious users to upload and execute arbitrary files with executable extensions such as .php. NOTE: the provenance of this information is unknown; the details are obtained solely fro...
Noah Spurrier Upload Tool For Php 1.0
1 EDB exploit
505
VMScore
CVE-2006-6028
Directory traversal vulnerability in textview.php in Anton Vlasov DoSePa 1.0.4 allows remote malicious users to read arbitrary files via a .. (dot dot) sequence or absolute file path in the file parameter.
Anton Vlasov Dosepa 1.0.4
1 EDB exploit
1000
VMScore
CVE-2007-1225
The connection log file implementation in Grok Developments NetProxy 4.03 does not record requests that omit http:// in a URL, which might allow remote malicious users to conduct unauthorized activities and avoid detection.
Grok Developments Netproxy 4.03
1 EDB exploit
505
VMScore
CVE-2007-1224
Grok Developments NetProxy 4.03 allows remote malicious users to bypass URL filtering via a request that omits "http://" from the URL and specifies the destination port (:80).
Grok Developments Netproxy 4.03
1 EDB exploit
755
VMScore
CVE-2007-1250
SQL injection vulnerability in section/default.asp in ANGEL Learning Management Suite (LMS) 7.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Angel Learning Learning Management Suite 7.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started