Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web interface vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2021-23885
Privilege escalation vulnerability in McAfee Web Gateway (MWG) before 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execute commands on the appliance via incorrect improper neutralization of user input in the troubleshooting page.
Mcafee Web Gateway
9
CVSSv2
CVE-2017-6746
A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote malicious user to perform command injection and elevate privileges to root. The attacker must authenticate with valid administrator credentials. Affected Products: ...
Cisco Web Security Appliance 11.0.0
Cisco Web Security Appliance 10.5.0-358
Cisco Web Security Appliance 10.1.0-204
Cisco Web Security Appliance 10.1.1-234
Cisco Web Security Appliance 10.0 Base
Cisco Web Security Appliance 10.1.0
Cisco Web Security Appliance 11.0.0-641
Cisco Web Security Appliance 10.5.0
Cisco Web Security Appliance 10.0.0-233
Cisco Web Security Appliance 11.0.0-613
Cisco Web Security Appliance 10.1.1-230
5
CVSSv2
CVE-2022-24716
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including `icingaweb2` configuration files with database credentials. This is...
Icinga Icinga Web 2
5 Github repositories
6
CVSSv2
CVE-2022-24715
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved ...
Icinga Icinga Web 2
1 EDB exploit
2 Github repositories
5
CVSSv2
CVE-2015-8279
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote malicious users to read arbitrary files via a request to an unspecified PHP script.
Samsung Web Viewer
2 Metasploit modules
1 Github repository
4.3
CVSSv2
CVE-2018-0366
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. T...
Cisco Web Security Appliance 10.1.2-003
Cisco Web Security Appliance 10.5.1-276
NA
CVE-2022-2310
An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x before 10.2.12, 9.x before 9.2.23, 8.x before 8.2.28, and controlled release 11.x before 11.2.1 allows a remote malicious user to bypass authentication into the administration User Interface. This is poss...
Skyhighsecurity Secure Web Gateway
7.5
CVSSv2
CVE-2018-6667
Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 up to and including 7.8.1.5 allows remote malicious users to execute arbitrary code via Java management extensions (JMX).
Mcafee Mcafee Web Gateway
NA
CVE-2023-20045
A vulnerability in the web-based management interface of Cisco Small Business RV160 and RV260 Series VPN Routers could allow an authenticated, remote malicious user to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due t...
Cisco Rv160 Vpn Router Firmware
Cisco Rv160w Wireless-ac Vpn Router Firmware
Cisco Rv260 Vpn Router Firmware
Cisco Rv260p Vpn Router With Poe Firmware
7.9
CVSSv2
CVE-2017-3873
A vulnerability in the Plug-and-Play (PnP) subsystem of the Cisco Aironet 1800, 2800, and 3800 Series Access Points running a Lightweight Access Point (AP) or Mobility Express image could allow an unauthenticated, adjacent malicious user to execute arbitrary code with root privil...
Cisco Aironet Access Point Firmware 8.3 102.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »