Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-25848
This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory.
Static-dev-server Project Static-dev-server 1.0.0
9.8
CVSSv3
CVE-2023-4494
Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine.
Easy Chat Server Project Easy Chat Server 3.1
NA
CVE-2006-2141
Cross-site scripting (XSS) vulnerability in popup_image in Collaborative Portal Server (CPS) 3.4.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the pos argument.
Collaborative Portal Server Project Collaborative Portal Server 3.4.0
1 EDB exploit
9.8
CVSSv3
CVE-2019-11383
An issue exists in the Medha WiFi FTP Server application 1.8.3 for Android. An attacker can read the username/password of a valid user via /data/data/com.medhaapps.wififtpserver/shared_prefs/com.medhaapps.wififtpserver_preferences.xml
Wifi Ftp Server Project Wifi Ftp Server 1.8.3
7.8
CVSSv3
CVE-2021-43456
An Unquoted Service Path vulnerablility exists in Rumble Mail Server 0.51.3135 via via a specially crafted file in the RumbleService executable service path.
Rumble Mail Server Project Rumble Mail Server 0.51.3135
5.4
CVSSv3
CVE-2021-43459
A Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the (1) domain and (2) path parameters.
Rumble Mail Server Project Rumble Mail Server 0.51.3135
5.4
CVSSv3
CVE-2021-43461
Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the servername parameter.
Rumble Mail Server Project Rumble Mail Server 0.51.3135
7.8
CVSSv3
CVE-2020-26130
Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the OpenTFTPServerSP.exe...
Open Tftp Server Project Open Tftp Server 1.66
7.8
CVSSv3
CVE-2020-26132
An issue exists in Home DNS Server 0.10. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the HomeDNSServer.exe binary.
Home Dns Server Project Home Dns Server 0.10
7.5
CVSSv3
CVE-2020-29596
MiniWeb HTTP server 0.8.19 allows remote malicious users to cause a denial of service (daemon crash) via a long name for the first parameter in a POST request.
Miniweb Http Server Project Miniweb Http Server 0.8.19
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »