Vulnerabilities (CVE)

Filtered by CWE-918
Total 1243 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-1637 4 Apple, Fedoraproject, Redhat and 1 more 7 Mac Os X, Mac Os X Server, Fedora and 4 more 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number.
CVE-2002-1484 1 Siemens 1 Db4web 2024-02-28 7.5 HIGH 9.8 CRITICAL
DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that specifies the target IP address and port, which produces a connection status in the resulting error message.
CVE-2004-2061 1 Risearch 2 Risearch, Risearch Pro 2024-02-28 7.5 HIGH 9.8 CRITICAL
RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a (1) http://, (2) ftp://, or (3) file:// URL.