Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vdgsecurity vdg sense 2.3.13 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2014-9452
Directory traversal vulnerability in VDG Security SENSE (formerly DIVA) 2.3.13 allows remote malicious users to read arbitrary files via a .. (dot dot) in the default URI to images/.
Vdgsecurity Vdg Sense 2.3.13
5
CVSSv2
CVE-2014-9579
VDG Security SENSE (formerly DIVA) 2.3.13 stores administrator credentials in cleartext, which allows malicious users to obtain sensitive information by reading the plugin configuration files.
Vdgsecurity Vdg Sense 2.3.13
7.5
CVSSv2
CVE-2014-9451
Multiple stack-based buffer overflows in the DIVA web service API (/webservice) in VDG Security SENSE (formerly DIVA) 2.3.13 allow remote malicious users to execute arbitrary code via the (1) user or (2) password parameter in an AuthenticateUser request.
Vdgsecurity Vdg Sense 2.3.13
5
CVSSv2
CVE-2014-9576
VDG Security SENSE (formerly DIVA) 2.3.13 has a hardcoded password of (1) ArpaRomaWi for the root Postgres account and !DVService for the (2) postgres and (3) NTP Windows user accounts, which allows remote malicious users to obtain access.
Vdgsecurity Vdg Sense 2.3.13
4
CVSSv2
CVE-2014-9577
VDG Security SENSE (formerly DIVA) 2.3.13 sends the user database when a user logs in, which allows remote authenticated users to obtain usernames and password hashes by logging in to TCP port 51410 and reading the response.
Vdgsecurity Vdg Sense 2.3.13
5
CVSSv2
CVE-2014-9578
VDG Security SENSE (formerly DIVA) 2.3.13 performs authentication with a password hash instead of a password, which allows remote malicious users to gain login access by leveraging knowledge of a password hash.
Vdgsecurity Vdg Sense 2.3.13
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started