Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

man-in-the-middle vulnerabilities and exploits

(subscribe to this query)

5
CVSSv2
CVE-2000-0020
DNS PRO allows remote attackers to conduct a denial of service via a large number of connections....
Man And Mice Dns Pro 5.7
7.5
CVSSv2
CVE-2010-2134
Multiple SQL injection vulnerabilities in login.php in Project Man 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter....
Http-solution Project Man 1.0
7.5
CVSSv2
CVE-2006-1586
SQL injection vulnerability in admin_login.asp in ISP of Egypt SiteMan allows remote attackers to execute arbitrary SQL commands via the pass parameter....
Internet Solutions Professionals Site Man
7.5
CVSSv2
CVE-2005-3094
Avi Alkalay man-cgi script allows remote attackers to execute arbitrary code via shell metacharacters in the topic parameter....
Avi Alkalay Man Cgi
7.5
CVSSv2
CVE-2007-1156
JBrowser allows remote attackers to bypass authentication and access certain administrative capabilities via a direct request for _admin/....
Man Machine Systems Jbrowser
7.5
CVSSv2
CVE-2001-0398
The BAT! mail client allows remote attackers to bypass user warnings of an executable attachment and execute arbitrary commands via an attachment whose file name contains many spaces, which also causes the BAT! to misrepresent the attachment's type with a different icon....
Ritlabs The Bat 1.0 Build1336Ritlabs The Bat 1.0 Build1349Ritlabs The Bat 1.1Ritlabs The Bat 1.011Ritlabs The Bat 1.14Ritlabs The Bat 1.015Ritlabs The Bat 1.15Ritlabs The Bat 1.17Ritlabs The Bat 1.18Ritlabs The Bat 1.19Ritlabs The Bat 1.21Ritlabs The Bat 1.22Ritlabs The Bat 1.028Ritlabs The Bat 1.029Ritlabs The Bat 1.031Ritlabs The Bat 1.31Ritlabs The Bat 1.032Ritlabs The Bat 1.32Ritlabs The Bat 1.33Ritlabs The Bat 1.34Ritlabs The Bat 1.035Ritlabs The Bat 1.35Ritlabs The Bat 1.036Ritlabs The Bat 1.36Ritlabs The Bat 1.037Ritlabs The Bat 1.039Ritlabs The Bat 1.39Ritlabs The Bat 1.041Ritlabs The Bat 1.41Ritlabs The Bat 1.42Ritlabs The Bat 1.42fRitlabs The Bat 1.043Ritlabs The Bat 1.43Ritlabs The Bat 1.44Ritlabs The Bat 1.45Ritlabs The Bat 1.46Ritlabs The Bat 1.47Ritlabs The Bat 1.48Ritlabs The Bat 1.49Ritlabs The Bat 1.101
2.1
CVSSv2
CVE-2003-1133
Rit Research Labs The Bat! 1.0.11 through 2.0 creates new accounts with insecure ACLs, which allows local users to read other users' email messages....
Ritlabs The Bat 1.1Ritlabs The Bat 1.5Ritlabs The Bat 1.011Ritlabs The Bat 1.14Ritlabs The Bat 1.015Ritlabs The Bat 1.15Ritlabs The Bat 1.17Ritlabs The Bat 1.18Ritlabs The Bat 1.19Ritlabs The Bat 1.21Ritlabs The Bat 1.22Ritlabs The Bat 1.028Ritlabs The Bat 1.029Ritlabs The Bat 1.031Ritlabs The Bat 1.31Ritlabs The Bat 1.032Ritlabs The Bat 1.32Ritlabs The Bat 1.33Ritlabs The Bat 1.34Ritlabs The Bat 1.035Ritlabs The Bat 1.35Ritlabs The Bat 1.036Ritlabs The Bat 1.36Ritlabs The Bat 1.037Ritlabs The Bat 1.039Ritlabs The Bat 1.39Ritlabs The Bat 1.041Ritlabs The Bat 1.41Ritlabs The Bat 1.42Ritlabs The Bat 1.42fRitlabs The Bat 1.043Ritlabs The Bat 1.43Ritlabs The Bat 1.44Ritlabs The Bat 1.45Ritlabs The Bat 1.46Ritlabs The Bat 1.47Ritlabs The Bat 1.48Ritlabs The Bat 1.49Ritlabs The Bat 1.51Ritlabs The Bat 1.52Ritlabs The Bat 1.53dRitlabs The Bat 1.101Ritlabs The Bat 2.0Ritlabs The Bat 2.0.1
5
CVSSv2
CVE-2006-0630
RITLabs The Bat! before 3.0.0.15 displays certain important headers from encapsulated data in message/partial MIME messages, instead of the real headers, which is in violation of RFC2046 header merging rules and allows remote attackers to spoof the origin of e-mail by sending a...
Ritlabs The Bat 3.0Ritlabs The Bat 3.0.0.7Ritlabs The Bat 3.0.0.8Ritlabs The Bat 3.0.0.9Ritlabs The Bat 3.0.0.10Ritlabs The Bat 3.0.0.11Ritlabs The Bat 3.0.0.12Ritlabs The Bat 3.0.0.14
7.5
CVSSv2
CVE-2004-1737
SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters....
The Cacti Group Cacti 0.6The Cacti Group Cacti 0.6.1The Cacti Group Cacti 0.6.2The Cacti Group Cacti 0.6.3The Cacti Group Cacti 0.6.4The Cacti Group Cacti 0.6.5The Cacti Group Cacti 0.6.6The Cacti Group Cacti 0.6.7The Cacti Group Cacti 0.6.8The Cacti Group Cacti 0.6.8aThe Cacti Group Cacti 0.8The Cacti Group Cacti 0.8.1The Cacti Group Cacti 0.8.2The Cacti Group Cacti 0.8.2aThe Cacti Group Cacti 0.8.3The Cacti Group Cacti 0.8.3aThe Cacti Group Cacti 0.8.4The Cacti Group Cacti 0.8.5The Cacti Group Cacti 0.8.5aGentoo Linux 1.4
5
CVSSv2
CVE-2005-1524
PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter....
The Cacti Group Cacti 0.5The Cacti Group Cacti 0.6The Cacti Group Cacti 0.6.1The Cacti Group Cacti 0.6.2The Cacti Group Cacti 0.6.3The Cacti Group Cacti 0.6.4The Cacti Group Cacti 0.6.5The Cacti Group Cacti 0.6.6The Cacti Group Cacti 0.6.7The Cacti Group Cacti 0.6.8The Cacti Group Cacti 0.6.8aThe Cacti Group Cacti 0.8The Cacti Group Cacti 0.8.1The Cacti Group Cacti 0.8.2The Cacti Group Cacti 0.8.2aThe Cacti Group Cacti 0.8.3The Cacti Group Cacti 0.8.3aThe Cacti Group Cacti 0.8.4The Cacti Group Cacti 0.8.5aThe Cacti Group Cacti
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
wirelesstoodeequinn projecttype confusionCVE-2021-26857scratchpadCVE-2020-29020man-in-the-middleibmCVE-2021-26971CVE-2021-28032CVE-2021-21725CVE-2021-26855