Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ipswitch vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2015-7678
Multiple cross-site request forgery (CSRF) vulnerabilities in Ipswitch MOVEit Mobile 1.2.0.962 and previous versions allow remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Ipswitch Moveit Mobile
9.8
CVSSv3
CVE-2019-18465
In Progress MOVEit Transfer 11.1 prior to 11.1.3, a vulnerability has been found that could allow an malicious user to sign in without full credentials via the SSH (SFTP) interface. The vulnerability affects only certain SSH (SFTP) configurations, and is applicable only if the My...
Ipswitch Moveit Transfer
NA
CVE-2000-0019
IMail POP3 daemon uses weak encryption, which allows local users to read files.
Ipswitch Imail 2006
NA
CVE-2004-2401
Stack-based buffer overflow in Ipswitch IMail Express Web Messaging prior to 8.05 might allow remote malicious users to execute arbitrary code via an HTML message with long "tag text."
Ipswitch Imail Express 8.03
NA
CVE-2012-4344
Cross-site scripting (XSS) vulnerability in Ipswitch WhatsUp Gold 15.02 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors involving the SNMP system name of the attacking host.
Ipswitch Whatsup Gold 15.02
1 EDB exploit
NA
CVE-2007-2602
Buffer overflow in MIBEXTRA.EXE in Ipswitch WhatsUp Gold 11 allows malicious users to cause a denial of service (application crash) or execute arbitrary code via a long MIB filename argument. NOTE: If there is not a common scenario under which MIBEXTRA.EXE is called with attacker...
Ipswitch Whatsup Gold 11
NA
CVE-2006-2356
NmConsole/utility/RenderMap.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote malicious users to obtain sensitive information about network nodes via a modified nDeviceGroupID parameter.
Ipswitch Whatsup Professional 2006
9.8
CVSSv3
CVE-2015-8261
The DroneDeleteOldMeasurements implementation in Ipswitch WhatsUp Gold prior to 16.4 does not properly validate serialized XML objects, which allows remote malicious users to conduct SQL injection attacks via a crafted SOAP request.
Ipswitch Whatsup Gold 16.3
1 EDB exploit
NA
CVE-2007-3823
The Logging Server (Logsrv.exe) in IPSwitch WS_FTP 7.5.29.0 allows remote malicious users to cause a denial of service (daemon crash) by sending a crafted packet containing a long string to port 5151/udp.
Ipswitch Ws Ftp 7.5.29.0
NA
CVE-2012-2601
SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch WhatsUp Gold 15.02 allows remote malicious users to execute arbitrary SQL commands via the sGroupList parameter.
Ipswitch Whatsup Gold 15.02
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »