Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manager proxy vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2022-28379
jc21.com Nginx Proxy Manager prior to 2.9.17 allows XSS during item deletion.
Nginxproxymanager Nginx Proxy Manager
4.9
CVSSv2
CVE-2019-15517
jc21 Nginx Proxy Manager prior to 2.0.13 allows %2e%2e%2f directory traversal.
Jc21 Nginx Proxy Manager
NA
CVE-2023-23596
jc21 NGINX Proxy Manager up to and including 2.9.19 allows OS command injection. When creating an access list, the backend builds an htpasswd file with crafted username and/or password input that is concatenated without any validation, and is directly passed to the exec command, ...
Jc21 Nginx Proxy Manager
NA
CVE-2023-27224
An issue found in NginxProxyManager v.2.9.19 allows an malicious user to execute arbitrary code via a lua script to the configuration file.
Jc21 Nginx Proxy Manager 2.9.19
NA
CVE-2023-43762
Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15.
Withsecure F-secure Policy Manager 15.00
Withsecure Policy Manager Proxy 15.00
7.5
CVSSv2
CVE-2018-5488
NetApp SANtricity Web Services Proxy versions 1.10.x000.0002 up to and including 2.12.X000.0002 and SANtricity Storage Manager 11.30.0X00.0004 up to and including 11.42.0X00.0001 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the netwo...
Netapp Santricity Storage Manager
Netapp Santricity Web Services Proxy
5
CVSSv2
CVE-2016-6023
Directory traversal vulnerability in the Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 prior to 3.4.2.0 iFix 8 and 3.4.3 prior to 3.4.3.0 iFix 1 allows remote malicious users to read arbitrary files via a crafted URL.
Ibm Sterling Secure Proxy 3.4.2.0
Ibm Sterling Secure Proxy 3.4.3.0
2.9
CVSSv2
CVE-2016-6026
The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 prior to 3.4.2.0 iFix 8 and 3.4.3 prior to 3.4.3.0 iFix 1 allows man-in-the-middle malicious users to obtain sensitive information via an HTTP method that is neither GET nor POST.
Ibm Sterling Secure Proxy 3.4.2.0
Ibm Sterling Secure Proxy 3.4.3.0
4.6
CVSSv2
CVE-2016-6025
The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 prior to 3.4.2.0 iFix 8 and 3.4.3 prior to 3.4.3.0 iFix 1 allows remote malicious users to obtain access by leveraging an unattended workstation to conduct a post-logoff session-reuse attack involving a modified U...
Ibm Sterling Secure Proxy 3.4.2.0
Ibm Sterling Secure Proxy 3.4.3.0
5.8
CVSSv2
CVE-2016-6027
The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 prior to 3.4.2.0 iFix 8 and 3.4.3 prior to 3.4.3.0 iFix 1 does not enable the HSTS protection mechanism, which makes it easier for remote malicious users to obtain sensitive information or modify data by leveragin...
Ibm Sterling Secure Proxy 3.4.3.0
Ibm Sterling Secure Proxy 3.4.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »