Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
surfcontrol web filter 4.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2002-0705
The Web Reports Server for SurfControl SuperScout WebFilter stores the "scwebusers" username and password file in a web-accessible directory, which allows remote malicious users to obtain valid usernames and crack the passwords.
Surfcontrol Web Filter 4.1
Surfcontrol Superscout Web Filter 3.0.3
Surfcontrol Web Filter 4.0
Surfcontrol Superscout Web Filter 3.0
7.5
CVSSv2
CVE-2002-0706
UserManager.js in the Web Reports Server for SurfControl SuperScout WebFilter uses weak encryption for administrator functions, which allows remote malicious users to decrypt the administrative password using a hard-coded key in a Javascript function.
Surfcontrol Superscout Web Filter 3.0
Surfcontrol Web Filter 4.1
Surfcontrol Superscout Web Filter 3.0.3
Surfcontrol Web Filter 4.0
7.5
CVSSv2
CVE-2002-0709
SQL injection vulnerabilities in the Web Reports Server for SurfControl SuperScout WebFilter allow remote malicious users to execute arbitrary SQL queries via the RunReport option to SimpleBar.dll, and possibly other DLLs.
Surfcontrol Superscout Web Filter 3.0
Surfcontrol Superscout Web Filter 3.0.3
Surfcontrol Web Filter 4.0
Surfcontrol Web Filter 4.1
1 EDB exploit
5
CVSSv2
CVE-2002-0708
Directory traversal vulnerability in the Web Reports Server for SurfControl SuperScout WebFilter allows remote malicious users to read arbitrary files via an HTTP request containing ... (triple dot) sequences.
Surfcontrol Web Filter 4.1
Surfcontrol Superscout Web Filter 3.0.3
Surfcontrol Web Filter 4.0
Surfcontrol Superscout Web Filter 3.0
1 EDB exploit
5
CVSSv2
CVE-2002-0707
The Web Reports Server for SurfControl SuperScout WebFilter allows remote malicious users to cause a denial of service (CPU consumption) via large GET requests, possibly due to a buffer overflow.
Surfcontrol Web Filter 4.0
Surfcontrol Web Filter 4.1
Surfcontrol Superscout Web Filter 3.0
Surfcontrol Superscout Web Filter 3.0.3
5
CVSSv2
CVE-2002-1531
The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote malicious users to cause a denial of service (crash) via an HTTP request without a Content-Length parameter.
Surfcontrol Superscout Email Filter 3.5
Surfcontrol Superscout Email Filter 3.5.1
Surfcontrol Superscout Email Filter 4.0
4.3
CVSSv2
CVE-2002-1529
Cross-site scripting (XSS) vulnerability in msgError.asp for the administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote malicious users to insert arbitrary script or HTML via the Reason parameter.
Surfcontrol Superscout Email Filter 3.5
Surfcontrol Superscout Email Filter 3.5.1
Surfcontrol Superscout Email Filter 4.0
1 EDB exploit
5
CVSSv2
CVE-2002-1530
The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows users to obtain usernames and plaintext passwords via a request to the userlist.asp program, which includes the passwords in a user editing form.
Surfcontrol Superscout Email Filter 3.5
Surfcontrol Superscout Email Filter 4.0
Surfcontrol Superscout Email Filter 3.5.1
1 EDB exploit
5
CVSSv2
CVE-2002-1532
The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote malicious users to cause a denial of service (resource exhaustion) via a GET request without the terminating /r/n/r/n (CRLF) sequence, which causes the interface to wait for the sequ...
Surfcontrol Superscout Email Filter 3.5
Surfcontrol Superscout Email Filter 3.5.1
Surfcontrol Superscout Email Filter 4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started