Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
leif m. wright vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-2347
blog.cgi in Leif M. Wright Web Blog 1.1 and 1.1.5 allows remote malicious users to execute arbitrary commands via shell metacharacters such as '|' in the file parameter of ViewFile requests.
Leif M. Wright Web Blog 1.1
Leif M. Wright Web Blog 1.1.5
1 EDB exploit
NA
CVE-2005-1350
The ad.cgi script allows remote malicious users to read arbitrary files via a full pathname in the argument.
Leif M. Wright Ad.cgi
NA
CVE-2005-1351
The ad.cgi script allows remote malicious users to execute arbitrary commands via shell metacharacters in the argument.
Leif M. Wright Ad.cgi
NA
CVE-2005-1352
Cross-site scripting (XSS) vulnerability in the ad.cgi script allows remote malicious users to inject arbitrary web script or HTML via the argument.
Leif M. Wright Ad.cgi
NA
CVE-2001-0022
simplestguest.cgi CGI program by Leif Wright allows remote malicious users to execute arbitrary commands via shell metacharacters in the guestbook parameter.
Leif M. Wright Simplestguest.cgi 2.0
1 EDB exploit
NA
CVE-2001-0023
everythingform.cgi CGI program by Leif Wright allows remote malicious users to execute arbitrary commands via shell metacharacters in the config parameter.
Leif M. Wright Everythingform.cgi 2.0
1 EDB exploit
NA
CVE-2001-0024
simplestmail.cgi CGI program by Leif Wright allows remote malicious users to execute arbitrary commands via shell metacharacters in the MyEmail parameter.
Leif M. Wright Simplestmail.cgi 1.0
1 EDB exploit
NA
CVE-2001-0025
ad.cgi CGI program by Leif Wright allows remote malicious users to execute arbitrary commands via shell metacharacters in the file parameter.
Leif M. Wright Ad.cgi 1.0
1 EDB exploit
NA
CVE-2006-0843
Leif M. Wright's Blog 3.5 stores the config file and other txt files under the web root with insufficient access control, which allows remote malicious users to read the administrator's password.
Leif M. Wright Web Blog 3.5
NA
CVE-2006-0844
Leif M. Wright's Blog 3.5 does not make a password comparison when authenticating an administrator via a cookie, which allows remote malicious users to bypass login authentication, probably by setting the blogAdmin cookie.
Leif M. Wright Web Blog 3.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »