Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
surfcontrol web filter 4.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0706
UserManager.js in the Web Reports Server for SurfControl SuperScout WebFilter uses weak encryption for administrator functions, which allows remote malicious users to decrypt the administrative password using a hard-coded key in a Javascript function.
Surfcontrol Superscout Web Filter 3.0
Surfcontrol Web Filter 4.1
Surfcontrol Superscout Web Filter 3.0.3
Surfcontrol Web Filter 4.0
NA
CVE-2002-0708
Directory traversal vulnerability in the Web Reports Server for SurfControl SuperScout WebFilter allows remote malicious users to read arbitrary files via an HTTP request containing ... (triple dot) sequences.
Surfcontrol Web Filter 4.1
Surfcontrol Superscout Web Filter 3.0.3
Surfcontrol Web Filter 4.0
Surfcontrol Superscout Web Filter 3.0
1 EDB exploit
NA
CVE-2002-0709
SQL injection vulnerabilities in the Web Reports Server for SurfControl SuperScout WebFilter allow remote malicious users to execute arbitrary SQL queries via the RunReport option to SimpleBar.dll, and possibly other DLLs.
Surfcontrol Superscout Web Filter 3.0
Surfcontrol Superscout Web Filter 3.0.3
Surfcontrol Web Filter 4.0
Surfcontrol Web Filter 4.1
1 EDB exploit
NA
CVE-2002-0705
The Web Reports Server for SurfControl SuperScout WebFilter stores the "scwebusers" username and password file in a web-accessible directory, which allows remote malicious users to obtain valid usernames and crack the passwords.
Surfcontrol Web Filter 4.1
Surfcontrol Superscout Web Filter 3.0.3
Surfcontrol Web Filter 4.0
Surfcontrol Superscout Web Filter 3.0
NA
CVE-2002-0707
The Web Reports Server for SurfControl SuperScout WebFilter allows remote malicious users to cause a denial of service (CPU consumption) via large GET requests, possibly due to a buffer overflow.
Surfcontrol Web Filter 4.0
Surfcontrol Web Filter 4.1
Surfcontrol Superscout Web Filter 3.0
Surfcontrol Superscout Web Filter 3.0.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started