Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
monkey vulnerabilities and exploits
(subscribe to this query)
614
VMScore
CVE-2012-4443
Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of root during execution of CGI scripts, which might allow local users to gain privileges by leveraging cgi-bin write access.
Monkey-project Monkey 0.9.3
418
VMScore
CVE-2012-4442
Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read restrictions by leveraging a race condition in a file-permission check.
Monkey-project Monkey 0.9.3
668
VMScore
CVE-2007-2105
Directory traversal vulnerability in admin/index.php in Monkey CMS 0.0.3 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the admin_skin parameter.
Monkey Cms Monkey Cms 0.0.3
NA
CVE-2023-28413
Directory traversal vulnerability in Snow Monkey Forms versions v5.0.6 and previous versions allows a remote unauthenticated malicious user to obtain sensitive information, alter the website, or cause a denial-of-service (DoS) condition.
Snow Monkey Forms Project Snow Monkey Forms
445
VMScore
CVE-2020-2323
Jenkins Chaos Monkey Plugin 0.4 and previous versions does not perform permission checks in an HTTP endpoint, allowing attackers with Overall/Read permission to access the Chaos Monkey page and to see the history of actions.
Netflix Chaos Monkey
329
VMScore
CVE-2009-0415
Untrusted search path vulnerability in trickle 1.07 allows local users to execute arbitrary code via a Trojan horse trickle-overload.so in the current working directory, which is referenced in the LD_PRELOAD path.
Monkey Trickle 1.07
445
VMScore
CVE-2020-2322
Jenkins Chaos Monkey Plugin 0.3 and previous versions does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks.
Netflix Chaos Monkey
516
VMScore
CVE-2017-7266
Netflix Security Monkey prior to 0.8.0 has an Open Redirect. The logout functionality accepted the "next" parameter which then redirects to any domain irrespective of the Host header.
Netflix Security Monkey
NA
CVE-2023-32623
Directory traversal vulnerability in Snow Monkey Forms v5.1.1 and previous versions allows a remote unauthenticated malicious user to delete arbitrary files on the server.
2inc Snow Monkey Forms
445
VMScore
CVE-2006-6113
Monkey Boards 0.3.5 allows remote malicious users to obtain sensitive information via direct requests to (1) include/admin_auth.inc.php and (2) include/engine/class.compiler.php, which reveals the full path in an error message. NOTE: this issue is only an exposure if the administ...
James Greenwood Monkey Boards 0.3.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »