8 matches found
EUVD-2020-3123
Malware in sbrugna...
CVE-2003-0803
Nokia Electronic Documentation NED 5.0 allows remote attackers to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user...
EulerOS 2.0 SP12 : golang (EulerOS-SA-2024-2921)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an 'Expect: 100-continue' header with a non-information...
CVE-2017-7559
In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1.3.x before 1.3.31.Final, it was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that als...
FilePocket 1.2 - Local Proxy Password Disclosure
FilePocket 1.2 - Local Proxy Password Disclosure / FilePocket v1.2 Local Proxy Password Disclosure Exploit by Kozan Application: FilePocket 1.2 probably prior versions Vendor: ExoticSoft - www.exoticsoft.com Vulnerable Description: FilePocket v1.2 discloses proxy passwords to local users...
UMN Gopherd Unauthorized FTP Proxy
The remote host is running a UMN Gopher server. It is possible to make the remote server connect to third party FTP sites by sending the request 'ftp://hostname.of.the.ftp.server'. An attacker may exploit this flaw to connect to use the remote gopher daemon as a proxy to connect to FTP servers...
[Full-Disclosure] MondoSoft - Proxy through MsmHigh.exe
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Topic: MondoSoft - Proxy through MsmHigh.exe Application : MondoSearch versions prior to 5.1b Author: Uffe Nielsen uni at protego.dk Advisory URL: http://www.protego.dk/advisories/200401.html Vendor Name: MondoSoft Vendor URL: http://www.mondosoft.com...
CVE-2002-1575
cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline %0a characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email message...