Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web interface vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-41434
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /lilac/main.php.
Eyesofnetwork Web Interface 5.3
NA
CVE-2023-23614
Pi-hole®'s Web interface (based off of AdminLTE) provides a central location to manage your Pi-hole. Versions 4.0 and above, before 5.18.3 are vulnerable to Insufficient Session Expiration. Improper use of admin WEBPASSWORD hash as "Remember me for 7 days" cook...
Pi-hole Web Interface
1 Github repository
10
CVSSv2
CVE-2006-6454
execInBackground.php in J-OWAMP Web Interface 2.1b and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters to the (1) exe and (2) args parameters, which are used in an exec function call. NOTE: the provenance of this information ...
J-owamp Web Interface
3.5
CVSSv2
CVE-2006-6512
Directory traversal vulnerability in the Browse function (/browse URI) in Winamp Web Interface (Wawi) 7.5.13 and previous versions allows remote authenticated users to list arbitrary directories via URL encoded backslashes ("%2F") in the path parameter.
Flippet.org Winamp Web Interface
3.5
CVSSv2
CVE-2006-6514
Winamp Web Interface (Wawi) 7.5.13 and previous versions uses an insufficient comparison to determine whether a directory is located below the application's root directory, which allows remote authenticated users to access certain other directories if the name of the root di...
Flippet.org Winamp Web Interface
10
CVSSv2
CVE-2006-6539
Multiple buffer overflows in Winamp Web Interface (Wawi) 7.5.13 and previous versions (1) allow remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via an (a) long username or a (b) crafted packet to the FindBasicAuth functi...
Flippet.org Winamp Web Interface
4.3
CVSSv2
CVE-2021-3811
adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Pi-hole Web Interface
4.3
CVSSv2
CVE-2021-3812
adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Pi-hole Web Interface
NA
CVE-2023-24724
A stored cross site scripting (XSS) vulnerability exists in the user management module of the SAS 9.4 Admin Console, due to insufficient validation and sanitization of data input into the user creation and editing form fields. The product name is SAS Web Administration interface ...
Sas Web Administration Interface 9.4
7.1
CVSSv2
CVE-2020-10558
The driving interface of Tesla Model 3 vehicles in any release prior to 2020.4.10 allows Denial of Service to occur due to improper process separation, which allows malicious users to disable the speedometer, web browser, climate controls, turn signal visual and sounds, navigatio...
Tesla Model 3 Web Interface
4 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »