Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http-proxy vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2002-0440
Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients.
Trend Micro Interscan Viruswall 3.51
Trend Micro Interscan Viruswall 3.6
1 EDB exploit
7.5
CVSSv2
CVE-2008-6882
Live Chat (com_livechat) component 1.0 for Joomla! allows remote malicious users to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET request with a full URL in the query string.
Joompolitan Com Livechat 1.0
1 EDB exploit
5
CVSSv2
CVE-2004-1484
Format string vulnerability in the _msg function in error.c in socat 1.4.0.3 and previous versions, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message.
Socat Socat 1.1.0.0
Socat Socat 1.1.0.1
Socat Socat 1.4.0.0
Socat Socat 1.4.0.1
Socat Socat 1.2.0.0
Socat Socat 1.3.0.0
Socat Socat 1.4.0.2
Socat Socat 1.0.3.0
Socat Socat 1.0.4.0
Socat Socat 1.3.0.1
Socat Socat 1.3.1.0
Socat Socat 1.3.2.0
Socat Socat 1.0.4.1
Socat Socat 1.0.4.2
Socat Socat 1.3.2.1
Socat Socat 1.3.2.2
1 EDB exploit
7.5
CVSSv2
CVE-2003-1286
HTTP Proxy in Sambar Server prior to 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote malicious users to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive&...
Sambar Sambar Server 5.0
Sambar Sambar Server 5.1
Sambar Sambar Server 6.0
Sambar Sambar Server 5.2
Sambar Sambar Server 5.3
1 EDB exploit
4.3
CVSSv2
CVE-2010-2787
api.php in MediaWiki prior to 1.15.5 does not prevent use of public caching headers for private data, which allows remote malicious users to bypass intended access restrictions and obtain sensitive information by retrieving documents from an HTTP proxy cache that has been used by...
Mediawiki Mediawiki 1.10.0
Mediawiki Mediawiki 1.10.4
Mediawiki Mediawiki 1.12.0
Mediawiki Mediawiki 1.14.0
Mediawiki Mediawiki 1.13.1
Mediawiki Mediawiki 1.3.12
Mediawiki Mediawiki 1.3.15
Mediawiki Mediawiki 1.5.8
Mediawiki Mediawiki 1.2.2
Mediawiki Mediawiki 1.5
Mediawiki Mediawiki 1.3.4
Mediawiki Mediawiki 1.3.5
Mediawiki Mediawiki 1.4.7
Mediawiki Mediawiki 1.4.6
Mediawiki Mediawiki 1.4.3
Mediawiki Mediawiki 1.4.2
Mediawiki Mediawiki 1.5.5
Mediawiki Mediawiki 1.5.0
Mediawiki Mediawiki 1.11.0
Mediawiki Mediawiki 1.15.2
Mediawiki Mediawiki 1.1.0
Mediawiki Mediawiki 1.10.2
5
CVSSv2
CVE-2016-10003
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 up to and including 3.5.22, and 4.0.1 up to and including 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.
Squid-cache Squid
4.3
CVSSv2
CVE-2019-17598
An issue exists in Lightbend Play Framework 2.5.x up to and including 2.6.23. When configured to make requests using an authenticated HTTP proxy, play-ws may sometimes, typically under high load, when connecting to a target host using https, expose the proxy credentials to the ta...
Lightbend Play Framework
5
CVSSv2
CVE-2016-6286
The "spiffy-cgi-handlers" egg would convert a nonexistent "Proxy" header to the HTTP_PROXY environment variable, which would allow malicious users to direct CGI programs which use this environment variable to use an attacker-specified HTTP proxy server (also k...
Call-cc Http-client
6.8
CVSSv2
CVE-2006-5036
MySource Matrix 3.8 and previous versions, and MySource 2.x, allow remote malicious users to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks...
Squiz Mysource Classic
Squiz Mysource Matrix
6.8
CVSSv2
CVE-2006-5037
MySource Matrix after 3.8 allows remote malicious users to use the application as an HTTP proxy server via a MIME encoded URL in the sq_content_src parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the rese...
Squiz Mysource Matrix 3.8.6a
Squiz Mysource Matrix 3.8.2
Squiz Mysource Matrix 3.8.3
Squiz Mysource Matrix 3.10.1
Squiz Mysource Matrix 3.8.4
Squiz Mysource Matrix 3.8
Squiz Mysource Matrix 3.10
Squiz Mysource Matrix 3.8.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »