Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
proxy vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4837
SQL injection vulnerability in anket.asp in Proxy Anket 3.0.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Proxy Anket Proxy Anket 3.0.1
5.4
CVSSv3
CVE-2020-4037
In OAuth2 Proxy from version 5.1.1 and less than version 6.0.0, users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This is expected to be the original URL that the user was trying to access. This redirect UR...
Oauth2 Proxy Project Oauth2 Proxy
7.5
CVSSv3
CVE-2018-19246
PHP-Proxy 5.1.0 allows remote malicious users to read local files if the default "pre-installed version" (intended for users who lack shell access to their web server) is used. This occurs because the aeb067ca0aa9a3193dce3a7264c90187 app_key value from the default confi...
Php-proxy Php-proxy 5.1.0
1 EDB exploit
2 Github repositories
7.5
CVSSv3
CVE-2018-19458
In PHP Proxy 3.0.3, any user can read files from the server without authentication due to an index.php?q=file:/// LFI URI, a different vulnerability than CVE-2018-19246.
Php-proxy Php-proxy 3.0.3
1 EDB exploit
6.1
CVSSv3
CVE-2017-1000070
The Bitly oauth2_proxy in version 2.1 and previous versions was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819
Oauth2 Proxy Project Oauth2 Proxy
NA
CVE-2004-1035
Multiple integer signedness errors in (1) imapcommon.c, (2) main.c, (3) request.c, and (4) select.c for up-imapproxy IMAP proxy 1.2.2 allow remote malicious users to cause a denial of service (server crash) and possibly leak sensitive information via certain literal values that a...
Imap Proxy Imap Proxy 1.2.2
6.1
CVSSv3
CVE-2020-5233
OAuth2 Proxy prior to 5.0 has an open redirect vulnerability. Authentication tokens could be silently harvested by an attacker. This has been patched in version 5.0.
Oauth2 Proxy Project Oauth2 Proxy
7.5
CVSSv3
CVE-2018-19784
The str_rot_pass function in vendor/atholn1600/php-proxy/src/helpers.php in PHP-Proxy 5.1.0 uses weak cryptography, which makes it easier for malicious users to calculate the authorization data needed for local file inclusion.
Php-proxy Php-proxy 5.1.0
6.1
CVSSv3
CVE-2021-21291
OAuth2 Proxy is an open-source reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain or group. In OAuth2 Proxy before version 7.0.0, for users that use the whitelist domain feature, a d...
Oauth2 Proxy Project Oauth2 Proxy
9.8
CVSSv3
CVE-2021-41739
A OS Command Injection vulnerability exists in Artica Proxy 4.30.000000. Attackers can execute OS commands in cyrus.events.php with GET param logs and POST param rp.
Artica-proxy Artica Proxy 4.30.000000
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »