Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssrf vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-27016
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a cross-site request forgery (CSRF) vulnerability which could allow an malicious user to modify policy rules by tricking an authenticated administrator into accessing an attacker-controlled we...
Trendmicro Interscan Messaging Security Virtual Appliance
5.5
CVSSv3
CVE-2020-27018
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a server side request forgery vulnerability which could allow an authenticated malicious user to abuse the product's web server and grant access to web resources or parts of local files. ...
Trendmicro Interscan Messaging Security Virtual Appliance
4.4
CVSSv3
CVE-2020-27693
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores administrative passwords using a hash that is considered outdated.
Trendmicro Interscan Messaging Security Virtual Appliance
8.8
CVSSv3
CVE-2020-27694
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 has updated a specific critical library that may vulnerable to attack.
Trendmicro Interscan Messaging Security Virtual Appliance
4.9
CVSSv3
CVE-2020-27017
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an XML External Entity Processing (XXE) vulnerability which could allow an authenticated administrator to read arbitrary local files. An attacker must already have obtained product administrat...
Trendmicro Interscan Messaging Security Virtual Appliance
5.5
CVSSv3
CVE-2020-27019
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an information disclosure vulnerability which could allow an malicious user to access a specific database and key.
Trendmicro Interscan Messaging Security Virtual Appliance
7.2
CVSSv3
CVE-2023-51441
** UNSUPPORTED WHEN ASSIGNED ** Improper Input Validation vulnerability in Apache Axis allowed users with access to the admin service to perform possible SSRF This issue affects Apache Axis: up to and including 1.3. As Axis 1 has been EOL we recommend you migrate to a different S...
Apache Axis
8.8
CVSSv3
CVE-2020-8461
A CSRF protection bypass vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to get a victim's browser to send a specifically encoded request without requiring a valid CSRF token.
Trendmicro Interscan Web Security Virtual Appliance 6.5
4.8
CVSSv3
CVE-2020-8462
A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to tamper with the web interface of the product.
Trendmicro Interscan Web Security Virtual Appliance 6.5
7.5
CVSSv3
CVE-2020-8463
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to bypass a global authorization check for anonymous users by manipulating request paths.
Trendmicro Interscan Web Security Virtual Appliance 6.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »