Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds orion web performance monitor vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2020-14005
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows remote malicious users to execute arbitrary code via a defined event.
Solarwinds Orion Network Performance Monitor 2019.4
Solarwinds Orion Web Performance Monitor 2019.4.1
7.5
CVSSv2
CVE-2014-9566
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwinds Orion Platform 2015.1, as used in Network Performance Monitor (NPM) prior to 11.5, NetFlow Traffic Analyzer (NTA) prior to 4.1, Network Configuration Manager...
Solarwinds Orion Voip \\& Network Quality Manager
Solarwinds Orion Server And Application Manager
Solarwinds Orion Network Configuration Manager
Solarwinds Orion User Device Tracker
Solarwinds Orion Network Performance Monitor
Solarwinds Orion Web Performance Monitor
Solarwinds Orion Netflow Traffic Analyzer
Solarwinds Orion Ip Address Manager
1 EDB exploit
4.3
CVSSv2
CVE-2012-4939
Cross-site scripting (XSS) vulnerability in IPAMSummaryView.aspx in the IPAM web interface prior to 3.0-HotFix1 in SolarWinds Orion Network Performance Monitor might allow remote malicious users to inject arbitrary web script or HTML via the "Search for an IP address" f...
Solarwinds Orion Network Performance Monitor 10.2.1
Solarwinds Orion Network Performance Monitor 10.2.2
Solarwinds Orion Network Performance Monitor 10.3
Solarwinds Orion Network Performance Monitor 10.3.1
Solarwinds Orion Network Performance Monitor 10.0
Solarwinds Orion Network Performance Monitor 10.1.13.0
Solarwinds Ip Address Manager Web Interface
Solarwinds Orion Network Performance Monitor 10.1
Solarwinds Orion Network Performance Monitor 10.2
Solarwinds Orion Network Performance Monitor -
1 EDB exploit
4.3
CVSSv2
CVE-2012-2577
Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) prior to 10.3.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) syslocation, (2) syscontact, or (3) sysName field of an snmpd.conf file.
Solarwinds Orion Network Performance Monitor 7.8.5
Solarwinds Orion Network Performance Monitor 8.5
Solarwinds Orion Network Performance Monitor 8.5.1
Solarwinds Orion Network Performance Monitor 9.1
Solarwinds Orion Network Performance Monitor 10.1
Solarwinds Orion Network Performance Monitor 10.0
Solarwinds Orion Network Performance Monitor
Solarwinds Orion Network Performance Monitor 9.0
Solarwinds Orion Network Performance Monitor 9.5.1
1 EDB exploit
4.3
CVSSv2
CVE-2010-4828
Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) 10.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) Title parameter to MapView.aspx; NetObject parameter to (2) NodeDetails.aspx and (3) Inte...
Solarwinds Orion Network Performance Monitor 10.1
3.5
CVSSv2
CVE-2020-14006
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a Responsible Team.
Solarwinds Orion Network Performance Monitor 2019.4
Solarwinds Orion Web Performance Monitor 2019.4.1
3.5
CVSSv2
CVE-2020-14007
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a name of an alert definition.
Solarwinds Orion Network Performance Monitor 2019.4
Solarwinds Orion Web Performance Monitor 2019.4.1
3.5
CVSSv2
CVE-2019-12863
SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows Stored HTML Injection by administrators via the Web Console Settings screen.
Solarwinds Netpath 1.1.4
Solarwinds Network Performance Monitor 12.4
Solarwinds Orion Platform 2018.4
NA
CVE-2023-23836
SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to the SolarWinds Web Console to execute arbitrary commands.
Solarwinds Orion Platform 2022.4.1
NA
CVE-2022-47503
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
Solarwinds Orion Platform 2022.4.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »