Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web interface vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2010-4515
Cross-site scripting (XSS) vulnerability in Citrix Web Interface 5.0, 5.1, and 5.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2007-6477 and CVE-2009-2454.
Citrix Web Interface 5.0
Citrix Web Interface 5.3
Citrix Web Interface 5.1
Citrix Web Interface 5.2
383
VMScore
CVE-2009-2454
Cross-site scripting (XSS) vulnerability in Citrix Web Interface 4.6, 5.0, and 5.0.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Citrix Web Interface 4.6
Citrix Web Interface 5.0
Citrix Web Interface 5.0.1
312
VMScore
CVE-2006-6513
The CControl::Download function (/dl URI) in Winamp Web Interface (Wawi) 7.5.13 and previous versions allows remote authenticated users to download arbitrary file types under the root via a trailing "." (dot) in a filename in the file parameter, related to erroneous beh...
Flippet.org Winamp Web Interface
Flippet.org Winamp Web Interface 7.5.11
Flippet.org Winamp Web Interface 7.5.9
356
VMScore
CVE-2008-6830
The disconnection feature in Citrix Web Interface 5.0 and 5.0.1 for Java Application Servers does not properly terminate a user's web interface session, which allows attackers with access to the same browser instance to gain access to the user's Web Interface session. N...
Citrix Web Interface 5.0
Citrix Web Interface 5.0.1
383
VMScore
CVE-2007-6477
Cross-site scripting (XSS) vulnerability in the on-line help feature in Citrix Web Interface 2.0 and previous versions, and NFuse, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Citrix Web Interface
445
VMScore
CVE-2019-3737
Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are affected by an LFI vulnerability which may allow a malicious user to download arbitrary files from the affected system by sending a specially crafted request to the Web Interface application.
Dell Avamar Data Migration Enabler Web Interface 1.0.51
Dell Avamar Data Migration Enabler Web Interface 1.0.50
312
VMScore
CVE-2021-41175
Pi-hole's Web interface (based on AdminLTE) provides a central location to manage one's Pi-hole and review the statistics generated by FTLDNS. Prior to version 5.8, cross-site scripting is possible when adding a client via the groups-clients management page. This issue ...
Pi-hole Web Interface
445
VMScore
CVE-2021-3706
adminlte is vulnerable to Sensitive Cookie Without 'HttpOnly' Flag
Pi-hole Web Interface
312
VMScore
CVE-2006-6512
Directory traversal vulnerability in the Browse function (/browse URI) in Winamp Web Interface (Wawi) 7.5.13 and previous versions allows remote authenticated users to list arbitrary directories via URL encoded backslashes ("%2F") in the path parameter.
Flippet.org Winamp Web Interface
312
VMScore
CVE-2006-6514
Winamp Web Interface (Wawi) 7.5.13 and previous versions uses an insufficient comparison to determine whether a directory is located below the application's root directory, which allows remote authenticated users to access certain other directories if the name of the root di...
Flippet.org Winamp Web Interface
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »