Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xceedium xsuite 2.4.3.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-4665
Cross-site scripting (XSS) vulnerability in ajax_cmd.php in Xceedium Xsuite 2.4.4.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the fileName parameter.
Xceedium Xsuite 2.3.0
Xceedium Xsuite 2.4.3.0
1 EDB exploit
5.8
CVSSv2
CVE-2015-4668
Open redirect vulnerability in Xsuite 2.4.4.5 and previous versions allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirurl parameter.
Xceedium Xsuite 2.3.0
Xceedium Xsuite 2.4.3.0
1 EDB exploit
7.2
CVSSv2
CVE-2015-4669
The MySQL "root" user in Xsuite 2.x does not have a password set, which allows local users to access databases on the system.
Xceedium Xsuite 2.3.0
Xceedium Xsuite 2.4.3.0
1 EDB exploit
5
CVSSv2
CVE-2015-4666
Directory traversal vulnerability in opm/read_sessionlog.php in Xceedium Xsuite 2.4.4.5 and previous versions allows remote malicious users to read arbitrary files via a ....// (quadruple dot double slash) in the logFile parameter.
Xceedium Xsuite 2.3.0
Xceedium Xsuite 2.4.3.0
1 EDB exploit
7.5
CVSSv2
CVE-2015-4667
Multiple hardcoded credentials in Xsuite 2.x.
Xceedium Xsuite 2.4.3.0
Xceedium Xsuite 2.3.0
1 EDB exploit
7.5
CVSSv2
CVE-2015-4664
An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and previous versions allows remote malicious users to execute arbitrary commands.
Broadcom Privileged Access Manager
Xceedium Xsuite 2.4.3.0
Xceedium Xsuite 2.3.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started