Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wikidsystems vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2019-17119
Multiple SQL injection vulnerabilities in Logs.jsp in WiKID 2FA Enterprise Server up to and including 4.2.0-b2053 allow authenticated users to execute arbitrary SQL commands via the source or subString parameter.
Wikidsystems Two Factor Authentication Enterprise Server
4.3
CVSSv2
CVE-2019-17120
A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server up to and including 4.2.0-b2047 allow remote malicious users to inject arbitrary web script or HTML via /WiKIDAdmin/adm_usrs.jsp. The usr parameter is vulnerable: the reflected cross-si...
Wikidsystems 2fa Enterprise Server 3.4.85
Wikidsystems 2fa Enterprise Server 3.4.87
Wikidsystems 2fa Enterprise Server 3.5.0
Wikidsystems 2fa Enterprise Server 4.0
Wikidsystems 2fa Enterprise Server 4.0.1
Wikidsystems 2fa Enterprise Server 4.1.0
Wikidsystems 2fa Enterprise Server 4.2.0
Wikidsystems 2fa Enterprise Server 3.6.0
Wikidsystems 2fa Enterprise Server 4.0.2
Wikidsystems 2fa Enterprise Server 3.4.81
4.3
CVSSv2
CVE-2019-17115
Multiple cross-site scripting (XSS) vulnerabilities in WiKID 2FA Enterprise Server up to and including 4.2.0-b2047 allow remote malicious users to inject arbitrary web script or HTML that is triggered when Logs.jsp is visited. The rendered_message column is retrieved and displaye...
Wikidsystems Two Factor Authentication Enterprise Server
6.5
CVSSv2
CVE-2019-17117
A SQL injection vulnerability in processPref.jsp in WiKID 2FA Enterprise Server up to and including 4.2.0-b2053 allows an authenticated user to execute arbitrary SQL commands via the processPref.jsp key parameter.
Wikidsystems 2fa Enterprise Server 3.5.0
Wikidsystems 2fa Enterprise Server 3.4.85
Wikidsystems 2fa Enterprise Server 4.0
Wikidsystems 2fa Enterprise Server 4.0.1
Wikidsystems 2fa Enterprise Server 4.1.0
Wikidsystems 2fa Enterprise Server 4.2.0
Wikidsystems 2fa Enterprise Server 4.0.2
Wikidsystems 2fa Enterprise Server 3.4.87
Wikidsystems 2fa Enterprise Server 3.6.0
Wikidsystems 2fa Enterprise Server 3.4.81
6.5
CVSSv2
CVE-2019-16917
WiKID Enterprise 2FA (two factor authentication) Enterprise Server up to and including 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, unsanitized, in a SQL query constructed in the buildSearchWhereClause ...
Wikidsystems Two Factor Authentication Enterprise Server
4.3
CVSSv2
CVE-2019-17114
A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server up to and including 4.2.0-b2047 allows remote malicious users to inject arbitrary web script or HTML via /WiKIDAdmin/userPreregistration.jsp. The preRegistrationData parameter is vulner...
Wikidsystems Two Factor Authentication Enterprise Server
6.8
CVSSv2
CVE-2019-17118
A CSRF issue in WiKID 2FA Enterprise Server up to and including 4.2.0-b2053 allows a remote malicious user to trick an authenticated user into performing unintended actions such as (1) create or delete admin users; (2) create or delete groups; or (3) create, delete, enable, or di...
Wikidsystems 2fa Enterprise Server 3.4.87
Wikidsystems 2fa Enterprise Server 3.5.0
Wikidsystems 2fa Enterprise Server 3.6.0
Wikidsystems 2fa Enterprise Server 4.0.1
Wikidsystems 2fa Enterprise Server 4.0.2
Wikidsystems 2fa Enterprise Server 4.2.0
Wikidsystems 2fa Enterprise Server 3.4.81
Wikidsystems 2fa Enterprise Server 3.4.85
Wikidsystems 2fa Enterprise Server 4.1.0
Wikidsystems 2fa Enterprise Server 4.0
4.3
CVSSv2
CVE-2019-17116
A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server up to and including 4.2.0-b2047 allow remote malicious users to inject arbitrary web script or HTML via /WiKIDAdmin/groups.jsp. The groupName parameter is vulnerable: the reflected cros...
Wikidsystems Two Factor Authentication Enterprise Server
4.3
CVSSv2
CVE-2008-4763
Multiple cross-site scripting (XSS) vulnerabilities in sample.php in WiKID wClient-PHP 3.0-2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the PHP_SELF variable.
Wikidsystems Wclient-php
Wikidsystems Wclient-php 3.0-1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987
buffer overflow
CVE-2024-28890
CVE-2024-27574
CVE-2024-27347
CVE-2024-31450
privilege
SSTI
CVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started