CyberSec.Space Logo
Back to CVE Browser

CVE-2007-1225

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1040%
EPSS Percentile31.27th
PublishedMar 2, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

The connection log file implementation in Grok Developments NetProxy 4.03 does not record requests that omit http:// in a URL, which might allow remote attackers to conduct unauthorized activities and avoid detection.

Affected Platforms (CPE)

πŸ“¦
Grok Developments

Netproxy

= 4.03

References & Advisories

πŸ”— http://osvdb.org/36002
πŸ”— http://www.securityfocus.com/bid/22741
πŸ”— http://www.vupen.com/english/advisories/2007/0779
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/32697
πŸ”— https://www.exploit-db.com/exploits/3381
πŸ”— http://osvdb.org/36002
πŸ”— http://www.securityfocus.com/bid/22741
πŸ”— http://www.vupen.com/english/advisories/2007/0779

Related Vulnerabilities

CVE-2007-12245.0

Grok Developments NetProxy 4.03 allows remote attackers to bypass URL filtering via a request that omits "http://" from the URL an...

CVE-2007-050410.0

Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0, and possibly other scripts, allows remote attackers to execute ar...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-097610.0

Buffer overflow in the ActSoft DVD-Tools ActiveX control (dvdtools.ocx) allows remote attackers to execute arbitrary code via a lo...