Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
leif m. wright vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0843
Leif M. Wright's Blog 3.5 stores the config file and other txt files under the web root with insufficient access control, which allows remote malicious users to read the administrator's password.
Leif M. Wright Web Blog 3.5
NA
CVE-2006-0844
Leif M. Wright's Blog 3.5 does not make a password comparison when authenticating an administrator via a cookie, which allows remote malicious users to bypass login authentication, probably by setting the blogAdmin cookie.
Leif M. Wright Web Blog 3.5
NA
CVE-2006-0846
Multiple cross-site scripting (XSS) vulnerabilities in Leif M. Wright's Blog 3.5 allow remote malicious users to inject arbitrary web script or HTML via the (1) Referer and (2) User-Agent HTTP headers, which are stored in a log file and not sanitized when the administrator v...
Leif M. Wright Web Blog 3.5
NA
CVE-2006-0845
Leif M. Wright's Blog 3.5 allows remote authenticated users with administrative privileges to execute arbitrary programs, including shell commands, by configuring the sendmail path to a malicious pathname.
Leif M. Wright Web Blog 3.5
NA
CVE-2005-1351
The ad.cgi script allows remote malicious users to execute arbitrary commands via shell metacharacters in the argument.
Leif M. Wright Ad.cgi
NA
CVE-2005-1350
The ad.cgi script allows remote malicious users to read arbitrary files via a full pathname in the argument.
Leif M. Wright Ad.cgi
NA
CVE-2005-1352
Cross-site scripting (XSS) vulnerability in the ad.cgi script allows remote malicious users to inject arbitrary web script or HTML via the argument.
Leif M. Wright Ad.cgi
NA
CVE-2004-2347
blog.cgi in Leif M. Wright Web Blog 1.1 and 1.1.5 allows remote malicious users to execute arbitrary commands via shell metacharacters such as '|' in the file parameter of ViewFile requests.
Leif M. Wright Web Blog 1.1
Leif M. Wright Web Blog 1.1.5
1 EDB exploit
NA
CVE-2004-2127
Directory traversal vulnerability in Web Blog 1.1 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file variable.
Leif M. Wright Web Blog 1.1
1 EDB exploit
NA
CVE-2001-0022
simplestguest.cgi CGI program by Leif Wright allows remote malicious users to execute arbitrary commands via shell metacharacters in the guestbook parameter.
Leif M. Wright Simplestguest.cgi 2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »