Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webctrl vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-8819
An XXE issue exists in Automated Logic Corporation (ALC) WebCTRL Versions 6.0, 6.1 and 6.5. An unauthenticated attacker could enter malicious input to WebCTRL and a weakly configured XML parser will allow the application to disclose full file contents from the underlying web serv...
Carrier Automatedlogic Webctrl 6.0
Carrier Automatedlogic Webctrl 6.1
Carrier Automatedlogic Webctrl 6.5
6.1
CVSSv3
CVE-2021-31682
The login portal for the Automated Logic WebCTRL/WebCTRL OEM web application contains a vulnerability that allows for reflected XSS attacks due to the operatorlocale GET parameter not being sanitized. This issue impacts versions 6.5 and below. This issue works by passing in a bas...
Automatedlogic Webctrl
1 Github repository
6.1
CVSSv3
CVE-2022-1019
Automated Logic's WebCtrl Server Version 6.1 'Help' index pages are vulnerable to open redirection. The vulnerability allows an malicious user to send a maliciously crafted URL which could result in redirecting the user to a malicious webpage or downloading a malic...
Automatedlogic Webctrl Server
6.1
CVSSv3
CVE-2020-19762
Automated Logic Corporation (ALC) WebCTRL System 6.5 and prior allows remote malicious users to execute any JavaScript code via a XSS payload for the first parameter in a GET request.
Carrier Webctrl System
6.3
CVSSv3
CVE-2017-9640
A Path Traversal issue exists in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web before 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prio...
Automatedlogic I-vu
Automatedlogic Sitescan Web
Carrier Automatedlogic Webctrl
1 EDB exploit
7
CVSSv3
CVE-2017-9644
An Unquoted Search Path or Element issue exists in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, Site...
Automatedlogic Sitescan Web
Carrier Automatedlogic Webctrl
Automatedlogic I-vu
1 EDB exploit
7.8
CVSSv3
CVE-2017-9650
An Unrestricted Upload of File with Dangerous Type issue exists in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC Web...
Automatedlogic Sitescan Web
Automatedlogic I-vu
Carrier Automatedlogic Webctrl
1 EDB exploit
7.3
CVSSv3
CVE-2016-5795
An XXE issue exists in Automated Logic Corporation (ALC) Liebert SiteScan Web Version 6.5 and prior, ALC WebCTRL Version 6.5 and prior, and Carrier i-Vu Version 6.5 and prior. An attacker could enter malicious input to WebCTRL, i-Vu, or SiteScan Web through a weakly configured XM...
Automatedlogic I-vu
Automatedlogic Sitescan Web
Carrier Automatedlogic Webctrl
NA
CVE-2017-964030
Automated Logic WebCTRL version 6.1 suffers from path traversal and arbitrary file write vulnerabilities.
NA
CVE-2017-964430
Automated Logic WebCTRL version 6.5 suffers from an insecure file permission privilege escalation vulnerability.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744
privilege escalation
CVE-2024-30253
CVE-2024-3914
cross-site scripting
CVE-2024-31497
CVE-2024-3400
CVE-2024-32341
hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started