Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
toutvirtual virtualiq 3.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4848
Multiple cross-site scripting (XSS) vulnerabilities in ToutVirtual VirtualIQ Pro 3.2 build 7882 and 3.5 build 8691 allow remote malicious users to inject arbitrary web script or HTML via the (1) userId parameter to tvserver/server/user/setPermissions.jsp, (2) deptName parameter t...
Toutvirtual Virtualiq 3.5
Toutvirtual Virtualiq 3.2
NA
CVE-2009-4849
Multiple cross-site request forgery (CSRF) vulnerabilities in ToutVirtual VirtualIQ Pro 3.2 build 7882 and 3.5 build 8691 allow remote malicious users to hijack the authentication of administrators for requests that (1) create a new user account via a save action to tvserver/user...
Toutvirtual Virtualiq 3.2
Toutvirtual Virtualiq 3.5
1 EDB exploit
NA
CVE-2009-4845
The configuration page in ToutVirtual VirtualIQ Pro 3.2 build 7882 contains cleartext SSH credentials, which allows remote malicious users to obtain sensitive information by reading the username and password fields.
Toutvirtual Virtualiq 3.2
NA
CVE-2009-4844
ToutVirtual VirtualIQ Pro 3.2 build 7882 does not restrict access to the /status URI on port 9080, which allows remote malicious users to obtain sensitive Tomcat information via a direct request.
Toutvirtual Virtualiq 3.2 Build 7882
NA
CVE-2006-3835
Apache Tomcat 5 prior to 5.5.17 allows remote malicious users to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.
Apache Tomcat 5.5.12
Apache Tomcat 5.5.7
Apache Tomcat 5.5.9
Apache Tomcat 5.0.28
Apache Tomcat 5.5.16
1 EDB exploit
NA
CVE-2008-2938
Directory traversal vulnerability in Apache Tomcat 4.1.0 up to and including 4.1.37, 5.5.0 up to and including 5.5.26, and 6.0.0 up to and including 6.0.16, when allowLinking and UTF-8 are enabled, allows remote malicious users to read arbitrary files via encoded directory traver...
Apache Tomcat
2 EDB exploits
2 Metasploit modules
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started