Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
patrick webster vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2008-1724
Stack-based buffer overflow in the IActiveXTransfer.FileTransfer method in the SecureTransport FileTransfer ActiveX control in vcst_en.dll 1.0.0.5 in Tumbleweed SecureTransport Server prior to 4.6.1 Hotfix 20 allows remote malicious users to execute arbitrary code via a long remo...
Tumbleweed Securetransport Server App
2 EDB exploits
7.5
CVSSv2
CVE-2016-10033
The mailSend function in the isMail transport in PHPMailer prior to 5.2.18 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
Phpmailer Project Phpmailer
Wordpress Wordpress
Joomla Joomla!
9 EDB exploits
121 Github repositories
7.5
CVSSv2
CVE-2016-10045
The isMail transport in PHPMailer prior to 5.2.20 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the ...
Phpmailer Project Phpmailer
Wordpress Wordpress
Joomla Joomla!
3 EDB exploits
92 Github repositories
7.5
CVSSv2
CVE-2009-2936
The Command Line Interface (aka Server CLI or administration interface) in the master process in the reverse proxy server in Varnish prior to 2.1.0 does not require authentication for commands received through a TCP port, which allows remote malicious users to (1) execute arbitra...
Varnish.projects.linpro Varnish 1.0.1
Varnish.projects.linpro Varnish 1.1.2
Varnish.projects.linpro Varnish 2.0.5
Varnish.projects.linpro Varnish 2.0.2
Varnish.projects.linpro Varnish 1.0.3
Varnish.projects.linpro Varnish 1.0.4
Varnish.projects.linpro Varnish 2.0.1
Varnish.projects.linpro Varnish 2.0
Varnish.projects.linpro Varnish 0.9.1
Varnish.projects.linpro Varnish 1.0
Varnish.projects.linpro Varnish 2.0.6
Varnish.projects.linpro Varnish 0.9
Varnish.projects.linpro Varnish 2.0.3
Varnish.projects.linpro Varnish 1.0.2
Varnish.projects.linpro Varnish 1.1.1
Varnish.projects.linpro Varnish 1.1
Varnish.projects.linpro Varnish 2.0.4
1 EDB exploit
7.5
CVSSv2
CVE-2004-2685
Buffer overflow in YoungZSoft CCProxy 6.2 and previous versions allows remote malicious users to execute arbitrary code via a long address in a ping (p) command to the Telnet proxy service, a different vector than CVE-2004-2416.
Youngzsoft Ccproxy
2 EDB exploits
6.4
CVSSv2
CVE-2006-4901
Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, and eTrust Audit 1.5 and r8, allows remote malicious users to spoof alerts and conduct replay attacks by invoking eTSAPISend.exe with the desired arguments.
Broadcom Etrust Audit Client 1.5
Broadcom Etrust Audit Client 8.0
Broadcom Etrust Audit Datatools 1.5
Broadcom Etrust Audit Datatools 8.0
Broadcom Etrust Audit Policy Manager 1.5
Broadcom Etrust Audit Policy Manager 8.0
Broadcom Etrust Security Command Center 1.0
Broadcom Etrust Security Command Center 8
1 EDB exploit
5.5
CVSSv2
CVE-2006-4900
Directory traversal vulnerability in Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, allows remote authenticated users to read and delete arbitrary files via ".." sequences in the eSCCAdHocHtmlFile parameter to eSMPAuditServlet, which i...
Broadcom Etrust Security Command Center 8
1 EDB exploit
5
CVSSv2
CVE-2007-2048
Directory traversal vulnerability in /console in the Management Console in webMethods Glue 6.5.1 and previous versions allows remote malicious users to read arbitrary system files via a .. (dot dot) in the resource parameter.
Webmethods Glue 5.0
Webmethods Glue 4.0
Webmethods Glue 6.5.1
1 EDB exploit
5
CVSSv2
CVE-2006-5019
Google Mini 4.4.102.M.36 and previous versions allows remote malicious users to obtain sensitive information via a direct request for /search with an invalid client parameter, which reveals the path in an error message.
Google Mini Search Appliance
1 EDB exploit
5
CVSSv2
CVE-2006-4899
The ePPIServlet script in Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, when running on Windows, allows remote malicious users to obtain the web server path via a "'" (single quote) in the PIProfile function, which leaks the path...
Broadcom Etrust Security Command Center 1.0
Broadcom Etrust Security Command Center 8
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »