Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
popcorn vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2022-25229
Popcorn Time 0.4.7 has a Stored XSS in the 'Movies API Server(s)' field via the 'settings' page. The 'nodeIntegration' configuration is set to on which allows the 'webpage' to use 'NodeJs' features, an attacker can leverage this t...
Popcorn Time Project Popcorn Time 0.4.7
7.5
CVSSv2
CVE-2002-1044
Buffer overflow in Ultrafunk Popcorn 1.20 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long Subject field.
Ultrafunk Popcorn 1.20
5
CVSSv2
CVE-2002-1045
Ultrafunk Popcorn 1.20 allows remote malicious users to cause a denial of service (crash) via a malformed Date field that is converted into a year greater than 2037.
Ultrafunk Popcorn 1.20
5
CVSSv2
CVE-2002-1043
Ultrafunk Popcorn 1.20 allows remote malicious users to cause a denial of service (crash) via a malformed Subject ("\t\t").
Ultrafunk Popcorn 1.20
1 EDB exploit
9.3
CVSSv2
CVE-2009-1647
Heap-based buffer overflow in popcorn.exe in Ultrafunk Popcorn 1.87 allows remote POP3 servers to cause a denial of service (application crash) via a long string in a +OK response. NOTE: some of these details are obtained from third party information.
Ultrafunk Popcorn 1.87
1 EDB exploit
10
CVSSv2
CVE-2018-12072
An issue exists in Cloud Media Popcorn A-200 03-05-130708-21-POP-411-000 firmware. It is configured to provide TELNET remote access (without a password) that pops a shell as root. If an attacker can connect to port 23 on the device, he can completely compromise it.
Cloudmedia Popcorn A-200 Firmware 03-05-130708-21-pop-411-000
4.3
CVSSv2
CVE-2010-0936
Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote malicious users to inject arbitrary web script or HTML via the nickname parameter.
D-link Dkvm-ip8 2282 Dlinka4 P8 20071213
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started