Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Whois Security Vulnerabilities

cve
cve

CVE-2020-36618

A vulnerability classified as critical has been found in Furqan node-whois. Affected is an unknown function of the file index.coffee. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). It is possible to launch the attack remotely....

9.8CVSS

9.6AI Score

0.001EPSS

2022-12-19 02:15 PM
24
cve
cve

CVE-2009-4233

Cross-site scripting (XSS) vulnerability in modules/mod_yj_whois.php in the YJ Whois component 1.0x and 1.5.x for Joomla! allows remote attackers to inject arbitrary web script or HTML via the domain parameter to index.php. NOTE: some of these details are obtained from third party...

5.8AI Score

0.001EPSS

2022-10-03 04:24 PM
21
cve
cve

CVE-2002-1854

Rlaj whois CGI script (whois.cgi) 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain name...

8AI Score

0.003EPSS

2022-10-03 04:23 PM
18
cve
cve

CVE-2008-1041

Cross-site scripting (XSS) vulnerability in mwhois.php in Matt Wilson Matt's Whois (MWhois) allows remote attackers to inject arbitrary web script or HTML via the domain...

5.7AI Score

0.002EPSS

2022-10-03 04:13 PM
22
cve
cve

CVE-2017-18612

The wp-whois-domain plugin 1.0.0 for WordPress has XSS via the pages/func-whois.php domain...

6.1CVSS

6AI Score

0.001EPSS

2019-09-13 12:15 PM
25
cve
cve

CVE-2006-2965

Multiple cross-site scripting (XSS) vulnerabilities in Particle Soft Particle Whois 1.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) the target parameter in index.php and (2) the "input...

5.8AI Score

0.007EPSS

2006-06-12 08:06 PM
19
cve
cve

CVE-2003-0709

Buffer overflow in the whois client, which is not setuid but is sometimes called from within CGI programs, may allow remote attackers to execute arbitrary code via a long command line...

7.9AI Score

0.007EPSS

2003-10-20 04:00 AM
20
cve
cve

CVE-2000-0941

Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois"...

7.7AI Score

0.188EPSS

2001-01-22 05:00 AM
28
cve
cve

CVE-1999-0984

Matt's Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain...

7.6AI Score

0.005EPSS

2000-02-04 05:00 AM
27
cve
cve

CVE-1999-0983

Whois Internic Lookup program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain...

7.6AI Score

0.005EPSS

2000-02-04 05:00 AM
22
cve
cve

CVE-1999-0985

CC Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain...

7.6AI Score

0.055EPSS

2000-02-04 05:00 AM
23