Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http-proxy vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0440
Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients.
Trend Micro Interscan Viruswall 3.51
Trend Micro Interscan Viruswall 3.6
1 EDB exploit
NA
CVE-2008-6882
Live Chat (com_livechat) component 1.0 for Joomla! allows remote malicious users to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET request with a full URL in the query string.
Joompolitan Com Livechat 1.0
1 EDB exploit
NA
CVE-2004-1484
Format string vulnerability in the _msg function in error.c in socat 1.4.0.3 and previous versions, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message.
Socat Socat 1.1.0.0
Socat Socat 1.1.0.1
Socat Socat 1.4.0.0
Socat Socat 1.4.0.1
Socat Socat 1.2.0.0
Socat Socat 1.3.0.0
Socat Socat 1.4.0.2
Socat Socat 1.0.3.0
Socat Socat 1.0.4.0
Socat Socat 1.3.0.1
Socat Socat 1.3.1.0
Socat Socat 1.3.2.0
Socat Socat 1.0.4.1
Socat Socat 1.0.4.2
Socat Socat 1.3.2.1
Socat Socat 1.3.2.2
1 EDB exploit
NA
CVE-2003-1286
HTTP Proxy in Sambar Server prior to 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote malicious users to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive&...
Sambar Sambar Server 5.0
Sambar Sambar Server 5.1
Sambar Sambar Server 6.0
Sambar Sambar Server 5.2
Sambar Sambar Server 5.3
1 EDB exploit
NA
CVE-2010-2787
api.php in MediaWiki prior to 1.15.5 does not prevent use of public caching headers for private data, which allows remote malicious users to bypass intended access restrictions and obtain sensitive information by retrieving documents from an HTTP proxy cache that has been used by...
Mediawiki Mediawiki 1.10.0
Mediawiki Mediawiki 1.10.4
Mediawiki Mediawiki 1.12.0
Mediawiki Mediawiki 1.14.0
Mediawiki Mediawiki 1.13.1
Mediawiki Mediawiki 1.3.12
Mediawiki Mediawiki 1.3.15
Mediawiki Mediawiki 1.5.8
Mediawiki Mediawiki 1.2.2
Mediawiki Mediawiki 1.5
Mediawiki Mediawiki 1.3.4
Mediawiki Mediawiki 1.3.5
Mediawiki Mediawiki 1.4.7
Mediawiki Mediawiki 1.4.6
Mediawiki Mediawiki 1.4.3
Mediawiki Mediawiki 1.4.2
Mediawiki Mediawiki 1.5.5
Mediawiki Mediawiki 1.5.0
Mediawiki Mediawiki 1.11.0
Mediawiki Mediawiki 1.15.2
Mediawiki Mediawiki 1.1.0
Mediawiki Mediawiki 1.10.2
7.5
CVSSv3
CVE-2016-10003
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 up to and including 3.5.22, and 4.0.1 up to and including 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.
Squid-cache Squid
7.5
CVSSv3
CVE-2019-17598
An issue exists in Lightbend Play Framework 2.5.x up to and including 2.6.23. When configured to make requests using an authenticated HTTP proxy, play-ws may sometimes, typically under high load, when connecting to a target host using https, expose the proxy credentials to the ta...
Lightbend Play Framework
7.5
CVSSv3
CVE-2016-6286
The "spiffy-cgi-handlers" egg would convert a nonexistent "Proxy" header to the HTTP_PROXY environment variable, which would allow malicious users to direct CGI programs which use this environment variable to use an attacker-specified HTTP proxy server (also k...
Call-cc Http-client
NA
CVE-2006-5036
MySource Matrix 3.8 and previous versions, and MySource 2.x, allow remote malicious users to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks...
Squiz Mysource Classic
Squiz Mysource Matrix
NA
CVE-2006-5037
MySource Matrix after 3.8 allows remote malicious users to use the application as an HTTP proxy server via a MIME encoded URL in the sq_content_src parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the rese...
Squiz Mysource Matrix 3.8.6a
Squiz Mysource Matrix 3.8.2
Squiz Mysource Matrix 3.8.3
Squiz Mysource Matrix 3.10.1
Squiz Mysource Matrix 3.8.4
Squiz Mysource Matrix 3.8
Squiz Mysource Matrix 3.10
Squiz Mysource Matrix 3.8.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »