Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
shellinabox vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-16789
libhttp/url.c in shellinabox up to and including 2.20 has an implementation flaw in the HTTP request parsing logic. By sending a crafted multipart/form-data HTTP request, an attacker could exploit this to force shellinaboxd into an infinite loop, exhausting available CPU resource...
Shellinabox Project Shellinabox
7.4
CVSSv3
CVE-2015-8400
The HTTPS fallback implementation in Shell In A Box (aka shellinabox) prior to 2.19 makes it easier for remote malicious users to conduct DNS rebinding attacks via the "/plain" URL.
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Shellinabox Project Shellinabox
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started