Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lansweeper lansweeper vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2019-13462
Lansweeper prior to 7.1.117.4 allows unauthenticated SQL injection.
Lansweeper Lansweeper
1 Github repository
9.8
CVSSv3
CVE-2020-14011
Lansweeper 6.0.x up to and including 7.2.x has a default installation in which the admin password is configured for the admin account, unless "Built-in admin" is manually unchecked. This allows command execution via the Add New Package and Scheduled Deployments features...
Lansweeper Lansweeper
6.1
CVSSv3
CVE-2017-9292
Lansweeper prior to 6.0.0.65 has XSS in an image retrieval URI, aka Bug 542782.
Lansweeper Lansweeper
9.8
CVSSv3
CVE-2015-9264
Lansweeper 4.x up to and including 6.x prior to 6.0.0.48 allows malicious users to execute arbitrary code on the administrator's workstation via a crafted Windows service.
Lansweeper Lansweeper
6.1
CVSSv3
CVE-2017-16841
LanSweeper 6.0.100.75 has XSS via the description parameter to /Calendar/CalendarActions.aspx.
Lansweeper Lansweeper
1 EDB exploit
9.9
CVSSv3
CVE-2017-13706
XML external entity (XXE) vulnerability in the import package functionality of the deployment module in Lansweeper prior to 6.0.100.67 allows remote authenticated users to obtain sensitive information, cause a denial of service, conduct server-side request forgery (SSRF) attacks,...
Lansweeper Lansweeper
6.5
CVSSv3
CVE-2022-29511
A directory traversal vulnerability exists in the KnowledgebasePageActions.aspx ImportArticles functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
Lansweeper Lansweeper 10.1.1.0
8.8
CVSSv3
CVE-2022-29517
A directory traversal vulnerability exists in the HelpdeskActions.aspx edittemplate functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability.
Lansweeper Lansweeper 10.1.1.0
6.5
CVSSv3
CVE-2022-27498
A directory traversal vulnerability exists in the TicketTemplateActions.aspx GetTemplateAttachment functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability...
Lansweeper Lansweeper 10.1.1.0
5.4
CVSSv3
CVE-2022-28703
A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger thi...
Lansweeper Lansweeper 10.1.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »