Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zero-x vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2003-1166
Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allows remote malicious users to view arbitrary files via a .. (dot dot) in the file parameter.
Http Commander Http Commander 4.0
1 EDB exploit
5
CVSSv2
CVE-2002-1559
Directory traversal vulnerability in ion-p.exe (aka ion-p) allows remote malicious users to read arbitrary files via (1) C: (drive letter) or (2) .. (dot-dot) sequences in the page parameter.
Research Systems Inc. Ion Script 1.4
1 EDB exploit
10
CVSSv2
CVE-2007-6176
kb_whois.cgi in K+B-Bestellsystem (aka KB-Bestellsystem) allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) domain or (2) tld parameter in a check_owner action.
Amensa-soft K\\+b-bestellsystem 2.3.3
1 EDB exploit
4.3
CVSSv2
CVE-2008-1541
Directory traversal vulnerability in cgi-bin/his-webshop.pl in HIS Webshop 2.50 allows remote malicious users to read arbitrary files via a .. (dot dot) in the t parameter.
His Webshop 2.50
1 EDB exploit
5
CVSSv2
CVE-2003-1207
Crob FTP Server 3.5.1 allows remote authenticated users to cause a denial of service (crash) via a dir command with a large number of "." characters followed by a "/*" string.
Crob Crob Ftp Server 3.5.1
1 EDB exploit
7.5
CVSSv2
CVE-2002-2190
ArtsCore Studios CuteCast Forum 1.2 stores passwords in plaintext under the web document root, which allows remote malicious users to obtain the passwords via an HTTP request to a .user file.
Artscore Studios Cutecast Forum 1.2
1 EDB exploit
7.5
CVSSv2
CVE-2004-0070
PHP remote file inclusion vulnerability in module.php for ezContents allows remote malicious users to execute arbitrary PHP code by modifying the link parameter to reference a URL on a remote web server that contains the code.
Visualshapers Ezcontents
1 EDB exploit
5
CVSSv2
CVE-2004-0237
Directory traversal vulnerability in index.php in Aprox PHP Portal allows remote malicious users to read arbitrary files via a full pathname in the show parameter.
1 EDB exploit
10
CVSSv2
CVE-2008-6555
cgi-bin/webutil.pl in The Puppet Master WebUtil allows remote malicious users to execute arbitrary commands via shell metacharacters in the dig command.
Puppetmaster Webutil 2.3
Puppetmaster Webutil 2.7
1 EDB exploit
2.1
CVSSv2
CVE-2004-2309
Directory traversal vulnerability in Crob FTP Server 3.5.1 allows local users to browse outside the FTP root via multiple ../ (dot dot slash) in the DIR command.
Crob Crob Ftp Server 3.5.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »