Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
leif m. wright vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0843
Leif M. Wright's Blog 3.5 stores the config file and other txt files under the web root with insufficient access control, which allows remote malicious users to read the administrator's password.
Leif M. Wright Web Blog 3.5
NA
CVE-2006-0844
Leif M. Wright's Blog 3.5 does not make a password comparison when authenticating an administrator via a cookie, which allows remote malicious users to bypass login authentication, probably by setting the blogAdmin cookie.
Leif M. Wright Web Blog 3.5
NA
CVE-2006-0845
Leif M. Wright's Blog 3.5 allows remote authenticated users with administrative privileges to execute arbitrary programs, including shell commands, by configuring the sendmail path to a malicious pathname.
Leif M. Wright Web Blog 3.5
NA
CVE-2006-0846
Multiple cross-site scripting (XSS) vulnerabilities in Leif M. Wright's Blog 3.5 allow remote malicious users to inject arbitrary web script or HTML via the (1) Referer and (2) User-Agent HTTP headers, which are stored in a log file and not sanitized when the administrator v...
Leif M. Wright Web Blog 3.5
NA
CVE-2005-1351
The ad.cgi script allows remote malicious users to execute arbitrary commands via shell metacharacters in the argument.
Leif M. Wright Ad.cgi
NA
CVE-2005-1350
The ad.cgi script allows remote malicious users to read arbitrary files via a full pathname in the argument.
Leif M. Wright Ad.cgi
NA
CVE-2005-1352
Cross-site scripting (XSS) vulnerability in the ad.cgi script allows remote malicious users to inject arbitrary web script or HTML via the argument.
Leif M. Wright Ad.cgi
NA
CVE-2004-2347
blog.cgi in Leif M. Wright Web Blog 1.1 and 1.1.5 allows remote malicious users to execute arbitrary commands via shell metacharacters such as '|' in the file parameter of ViewFile requests.
Leif M. Wright Web Blog 1.1
Leif M. Wright Web Blog 1.1.5
1 EDB exploit
NA
CVE-2004-2127
Directory traversal vulnerability in Web Blog 1.1 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file variable.
Leif M. Wright Web Blog 1.1
1 EDB exploit
NA
CVE-2001-0025
ad.cgi CGI program by Leif Wright allows remote malicious users to execute arbitrary commands via shell metacharacters in the file parameter.
Leif M. Wright Ad.cgi 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »