Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web gateway vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-2325
Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway prior to 3.1-5829 allow remote malicious users to inject arbitrary web script or HTML via the (1) state parameter to objects/who/index.htm or (2) User email address to quarantine/spam/manage.htm.
Proxmox Mail Gateway 3.1-5670
Proxmox Mail Gateway
Proxmox Mail Gateway 3.1-5673
Proxmox Mail Gateway 3.0
Proxmox Mail Gateway 3.1
NA
CVE-2002-0561
The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null authentication, which allows remote malicious users to gain privileges and modify DAD settings.
Oracle Oracle9i 9.0.1
Oracle Application Server Web Cache 2.0.0.2
Oracle Oracle9i 9.0
Oracle Oracle8i 8.1.7 .1
Oracle Oracle8i 8.1.7
Oracle Application Server Web Cache 2.0.0.1
Oracle Application Server Web Cache 2.0.0.0
Oracle Application Server 1.0.2
Oracle Application Server Web Cache 2.0.0.3
NA
CVE-2014-1899
Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x prior to 9.3.66.5 and 10.x prior to 10.1.123.9 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Citrix Netscaler Access Gateway Firmware 9.3
Citrix Netscaler Access Gateway Firmware 9.3.61.5
Citrix Netscaler Access Gateway Firmware 9.3.62.4
Citrix Netscaler Access Gateway Firmware 10.0
Citrix Netscaler Access Gateway Firmware 10.0.74.4
Citrix Netscaler Access Gateway Firmware 10.1
Citrix Netscaler Access Gateway -
NA
CVE-2009-0063
Cross-site scripting (XSS) vulnerability in the Control Center in Symantec Brightmail Gateway Appliance prior to 8.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Symantec Brightmail Gateway Appliance 7.7
Symantec Brightmail Gateway Appliance 7.5
Symantec Brightmail Gateway Appliance
Symantec Brightmail Gateway Appliance 7.6
NA
CVE-2010-2892
gsb/drivers.php in LANDesk Management Gateway 4.0 up to and including 4.0-1.48 and 4.2 up to and including 4.2-1.8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the DRIVES parameter, as demonstrated by a cross-site request fo...
Landesk Management Gateway 4.0-1.48
Landesk Management Gateway 4.2
Landesk Management Gateway 4.0
Landesk Management Gateway 4.2-1.8
1 EDB exploit
NA
CVE-2007-0011
The web portal interface in Citrix Access Gateway (aka Citrix Advanced Access Control) before Advanced Edition 4.5 HF1 places a session ID in the URL, which allows context-dependent malicious users to hijack sessions by reading "residual information", including the a re...
Citrix Access Gateway 4.2
Citrix Access Gateway 4.0
Citrix Access Gateway 4.5
NA
CVE-2008-4485
Cross-site scripting (XSS) vulnerability in the ICAP patience page in Blue Coat Security Gateway OS (SGOS) 4.2 prior to 4.2.9, 5.2 prior to 5.2.5, and 5.3 prior to 5.3.1.7 allows remote malicious users to inject arbitrary web script or HTML via the URL.
Bluecoat Security Gateway Os 5.2
Bluecoat Security Gateway Os 4.2
Bluecoat Security Gateway Os 5.3
5.3
CVSSv3
CVE-2019-10962
BD Alaris Gateway versions, 1.0.13,1.1.3 Build 10,1.1.3 MR Build 11,1.1.5, and 1.1.6, The web browser user interface on the Alaris Gateway Workstation does not prevent an attacker with knowledge of the IP address of the Alaris Gateway Workstation terminal to gain access to the st...
Bd Alaris Gateway Workstation Firmware 1.0.13
Bd Alaris Gateway Workstation Firmware 1.1.3
Bd Alaris Gateway Workstation Firmware 1.1.5
Bd Alaris Gateway Workstation Firmware 1.1.6
1 Article
5.4
CVSSv3
CVE-2022-32750
IBM DataPower Gateway 10.0.2.0 up to and including 10.0.4.0, 10.0.1.0 up to and including 10.0.1.8, 10.5.0.0, and 2018.4.1.0 up to and including 2018.4.1.21 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thu...
Ibm Datapower Gateway
Ibm Datapower Gateway 10.5.0.0
5.4
CVSSv3
CVE-2022-31774
IBM DataPower Gateway 10.0.2.0 up to and including 10.0.4.0, 10.0.1.0 up to and including 10.0.1.8, 10.5.0.0, and 2018.4.1.0 up to and including 2018.4.1.21 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thu...
Ibm Datapower Gateway
Ibm Datapower Gateway 10.5.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
8
9
10
NEXT »