Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
echo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-5135
The Java XML parser in Echo prior to 2.1.1 and 3.x prior to 3.0.b6 allows remote malicious users to read arbitrary files via a request containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Nextapp Echo 2.1.0
Nextapp Echo 2.0
Nextapp Echo
Nextapp Echo 2.0.1
Nextapp Echo 3.0
1 EDB exploit
NA
CVE-2015-8007
The Echo extension for MediWiki does not properly implement the hideuser functionality, which allows remote authenticated users to see hidden usernames in "non-revision based" notifications, as demonstrated by viewing a hidden username in a Thanks notification.
Echo Project Echo
5.3
CVSSv3
CVE-2020-36565
Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal, allowing an malicious user to read files outside of the target directory that the server has permission to read.
Labstack Echo
9.6
CVSSv3
CVE-2022-40083
Labstack Echo v4.8.0 exists to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by malicious users to cause a Server-Side Request Forgery (SSRF).
Labstack Echo 4.8.0
6.1
CVSSv3
CVE-2016-10984
The echosign plugin prior to 1.2 for WordPress has XSS via the inc.php page parameter.
Smackcoders Echo Sign
6.1
CVSSv3
CVE-2016-10985
The echosign plugin prior to 1.2 for WordPress has XSS via the templates/add_templates.php id parameter.
Smackcoders Echo Sign
7.8
CVSSv3
CVE-2023-38817
An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local malicious user to gain privileges via a crafted command to the echo_driver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYST...
Echo Anti Cheat Tool
3 Github repositories
NA
CVE-2014-7342
The Echo News (aka com.solo.report) 1.10 application (beta) for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Echonewshk Echo News Beta
NA
CVE-2007-1834
Cisco Unified CallManager (CUCM) 5.0 prior to 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 prior to 1.0(3) allow remote malicious users to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698.
Cisco Unified Callmanager 5.0
Cisco Unified Callmanager 5.0\\(1\\)
Cisco Unified Presence Server 1.0\\(1\\)
Cisco Unified Presence Server 1.0\\(2\\)
Cisco Unified Callmanager 5.0\\(3a\\)
Cisco Unified Callmanager 5.0\\(4\\)
Cisco Unified Presence Server 1.0
Cisco Unified Callmanager 5.0\\(2\\)
Cisco Unified Callmanager 5.0\\(3\\)
NA
CVE-2000-0418
The Cayman 3220-H DSL router allows remote malicious users to cause a denial of service via oversized ICMP echo (ping) requests.
Cayman Gatorsurf 5.3build R2
Cayman Gatorsurf 5.5build R1
Cayman 3220-h Dsl Router 1.0
Cayman Gatorsurf 5.3
Cayman Gatorsurf 5.3build R1
Cayman Gatorsurf 5.5build R0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »