Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ipswitch whatsup professional 2006 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2351
Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote malicious users to inject arbitrary web script or HTML via the (1) sDeviceView or (2) nDeviceID parameter to (a) NmConsole/Navigation.asp o...
Ipswitch Whatsup Professional 2006
Ipswitch Whatsup Professional 2006 Premium
2 EDB exploits
NA
CVE-2006-2354
NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium generates different error messages in a way that allows remote malicious users to enumerate valid usernames. NOTE: the provenance of this information is unknown; the details a...
Ipswitch Whatsup Professional 2006 Premium
Ipswitch Whatsup Professional 2006
NA
CVE-2006-2353
NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote malicious users to redirect users to other websites via the (1) sCancelURL and possibly (2) sRedirectUrl parameters.
Ipswitch Whatsup Professional 2006
Ipswitch Whatsup Professional 2006 Premium
NA
CVE-2006-2355
Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium allows remote malicious users to obtain full path information via 404 error messages. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio...
Ipswitch Whatsup Professional 2006
Ipswitch Whatsup Professional 2006 Premium
NA
CVE-2006-2357
Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote malicious users to obtain source code for scripts via a trailing dot in a request to NmConsole/Login.asp.
Ipswitch Whatsup Professional 2006
Ipswitch Whatsup Professional 2006 Premium
NA
CVE-2006-2352
Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote malicious users to inject arbitrary web script or HTML via unknown vectors in (1) NmConsole/Tools.asp and (2) NmConsole/DeviceSelection.asp...
Ipswitch Whatsup Professional 2006
Ipswitch Whatsup Professional 2006 Premium
NA
CVE-2006-2356
NmConsole/utility/RenderMap.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote malicious users to obtain sensitive information about network nodes via a modified nDeviceGroupID parameter.
Ipswitch Whatsup Professional 2006
NA
CVE-2006-2531
Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote malicious users to spoof being a trusted console and bypass authentication by setting HTTP User-Agent header to "Ipswitch/1.0" and the User-Application header...
Ipswitch Whatsup Professional 2006
1 EDB exploit
NA
CVE-2006-0911
NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote malicious users to cause a denial of service (CPU consumption) via crafted requests to Login.asp, possibly involving the (1) "In]" and (2) "b;tnLogIn" parameters, or (3) malformed btnLogIn param...
Ipswitch Whatsup Professional 2006
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started