Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wikidsystems 2fa enterprise server 4.2.0 vulnerabilities and exploits
(subscribe to this query)
580
VMScore
CVE-2019-17119
Multiple SQL injection vulnerabilities in Logs.jsp in WiKID 2FA Enterprise Server up to and including 4.2.0-b2053 allow authenticated users to execute arbitrary SQL commands via the source or subString parameter.
Wikidsystems Two Factor Authentication Enterprise Server
384
VMScore
CVE-2019-17120
A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server up to and including 4.2.0-b2047 allow remote malicious users to inject arbitrary web script or HTML via /WiKIDAdmin/adm_usrs.jsp. The usr parameter is vulnerable: the reflected cross-si...
Wikidsystems 2fa Enterprise Server 3.4.85
Wikidsystems 2fa Enterprise Server 3.4.87
Wikidsystems 2fa Enterprise Server 3.5.0
Wikidsystems 2fa Enterprise Server 4.0
Wikidsystems 2fa Enterprise Server 4.0.1
Wikidsystems 2fa Enterprise Server 4.1.0
Wikidsystems 2fa Enterprise Server 4.2.0
Wikidsystems 2fa Enterprise Server 3.6.0
Wikidsystems 2fa Enterprise Server 4.0.2
Wikidsystems 2fa Enterprise Server 3.4.81
580
VMScore
CVE-2019-16917
WiKID Enterprise 2FA (two factor authentication) Enterprise Server up to and including 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, unsanitized, in a SQL query constructed in the buildSearchWhereClause ...
Wikidsystems Two Factor Authentication Enterprise Server
384
VMScore
CVE-2019-17114
A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server up to and including 4.2.0-b2047 allows remote malicious users to inject arbitrary web script or HTML via /WiKIDAdmin/userPreregistration.jsp. The preRegistrationData parameter is vulner...
Wikidsystems Two Factor Authentication Enterprise Server
384
VMScore
CVE-2019-17115
Multiple cross-site scripting (XSS) vulnerabilities in WiKID 2FA Enterprise Server up to and including 4.2.0-b2047 allow remote malicious users to inject arbitrary web script or HTML that is triggered when Logs.jsp is visited. The rendered_message column is retrieved and displaye...
Wikidsystems Two Factor Authentication Enterprise Server
384
VMScore
CVE-2019-17116
A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server up to and including 4.2.0-b2047 allow remote malicious users to inject arbitrary web script or HTML via /WiKIDAdmin/groups.jsp. The groupName parameter is vulnerable: the reflected cros...
Wikidsystems Two Factor Authentication Enterprise Server
580
VMScore
CVE-2019-17117
A SQL injection vulnerability in processPref.jsp in WiKID 2FA Enterprise Server up to and including 4.2.0-b2053 allows an authenticated user to execute arbitrary SQL commands via the processPref.jsp key parameter.
Wikidsystems 2fa Enterprise Server 3.5.0
Wikidsystems 2fa Enterprise Server 3.4.85
Wikidsystems 2fa Enterprise Server 4.0
Wikidsystems 2fa Enterprise Server 4.0.1
Wikidsystems 2fa Enterprise Server 4.1.0
Wikidsystems 2fa Enterprise Server 4.2.0
Wikidsystems 2fa Enterprise Server 4.0.2
Wikidsystems 2fa Enterprise Server 3.4.87
Wikidsystems 2fa Enterprise Server 3.6.0
Wikidsystems 2fa Enterprise Server 3.4.81
606
VMScore
CVE-2019-17118
A CSRF issue in WiKID 2FA Enterprise Server up to and including 4.2.0-b2053 allows a remote malicious user to trick an authenticated user into performing unintended actions such as (1) create or delete admin users; (2) create or delete groups; or (3) create, delete, enable, or di...
Wikidsystems 2fa Enterprise Server 3.4.87
Wikidsystems 2fa Enterprise Server 3.5.0
Wikidsystems 2fa Enterprise Server 3.6.0
Wikidsystems 2fa Enterprise Server 4.0.1
Wikidsystems 2fa Enterprise Server 4.0.2
Wikidsystems 2fa Enterprise Server 4.2.0
Wikidsystems 2fa Enterprise Server 3.4.81
Wikidsystems 2fa Enterprise Server 3.4.85
Wikidsystems 2fa Enterprise Server 4.1.0
Wikidsystems 2fa Enterprise Server 4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started