Vulnerabilities > Use of Incorrectly-Resolved Name or Reference
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-14 | CVE-2019-17575 | Use of Incorrectly-Resolved Name or Reference vulnerability in Wbce CMS A file-rename filter bypass exists in admin/media/rename.php in WBCE CMS 1.4.0 and earlier. | 7.2 |
| 2019-06-11 | CVE-2019-0220 | Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. | 5.3 |
| 2019-04-25 | CVE-2019-9901 | Use of Incorrectly-Resolved Name or Reference vulnerability in Envoyproxy Envoy Envoy 1.9.0 and before does not normalize HTTP URL paths. | 10.0 |
| 2019-04-09 | CVE-2019-0816 | Use of Incorrectly-Resolved Name or Reference vulnerability in Canonical Ubuntu Linux 18.04 A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'. | 5.1 |
| 2019-03-06 | CVE-2019-9616 | Use of Incorrectly-Resolved Name or Reference vulnerability in Ofcms Project Ofcms 1.1.1/1.1.2 An issue was discovered in OFCMS before 1.1.3. | 7.2 |
| 2019-02-18 | CVE-2019-8908 | Use of Incorrectly-Resolved Name or Reference vulnerability in Wtcms Project Wtcms 1.0 An issue was discovered in WTCMS 1.0. | 9.8 |
| 2019-02-17 | CVE-2019-8395 | Use of Incorrectly-Resolved Name or Reference vulnerability in Zohocorp Manageengine Servicedesk Plus An Insecure Direct Object Reference (IDOR) vulnerability exists in Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10007 via an attachment to a request. | 9.8 |
| 2019-02-11 | CVE-2019-7731 | Use of Incorrectly-Resolved Name or Reference vulnerability in Mywebsql 3.7 MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file. | 9.8 |
| 2019-01-15 | CVE-2019-6289 | Use of Incorrectly-Resolved Name or Reference vulnerability in Dedecms 5.7 uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows remote attackers to execute arbitrary PHP code by uploading with a safe file extension and then renaming with a mixed-case variation of the .php extension, as demonstrated by the 1.pHP filename. | 8.8 |
| 2019-01-09 | CVE-2018-6112 | Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 4.3 |