Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web management portal vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2021-25656
Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information. Affected versions include 7.0 up to and including 7.2.3 (without hotfix) and 8.0.0 (witho...
Avaya Aura Experience Portal
Avaya Aura Experience Portal 8.0.0
7.8
CVSSv2
CVE-2013-1222
The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software prior to 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote malicious users to launch arbitrary custom web applications via a crafted (1) HTTP or (2) HTTPS request,...
Cisco Unified Customer Voice Portal 7.0
Cisco Unified Customer Voice Portal 9.0
Cisco Unified Customer Voice Portal 8.5\\(1\\)
Cisco Unified Customer Voice Portal 7.0\\(2\\)
Cisco Unified Customer Voice Portal 4.0
Cisco Unified Customer Voice Portal 4.0\\(2\\)
Cisco Unified Customer Voice Portal 3.0
Cisco Unified Customer Voice Portal 8.0\\(1\\)
Cisco Unified Customer Voice Portal 3.6\\(10\\)
Cisco Unified Customer Voice Portal
Cisco Unified Customer Voice Portal 4.1
10
CVSSv2
CVE-2013-1221
The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software prior to 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote malicious users to execute arbitrary code via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub3...
Cisco Unified Customer Voice Portal 4.0\\(2\\)
Cisco Unified Customer Voice Portal 3.0
Cisco Unified Customer Voice Portal 8.0\\(1\\)
Cisco Unified Customer Voice Portal 3.6\\(10\\)
Cisco Unified Customer Voice Portal 8.5\\(1\\)
Cisco Unified Customer Voice Portal 4.0
Cisco Unified Customer Voice Portal 4.1
Cisco Unified Customer Voice Portal 7.0
Cisco Unified Customer Voice Portal 9.0
Cisco Unified Customer Voice Portal 7.0\\(2\\)
Cisco Unified Customer Voice Portal
5
CVSSv2
CVE-2018-3246
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to c...
Oracle Weblogic Server 12.1.3.0.0
Oracle Communications Converged Application Server
Oracle Webcenter Portal 12.2.1.3.0
Oracle Retail Convenience And Fuel Pos Software 2.8.1
Oracle Utilities Network Management System 2.3.0.2
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Enterprise Repository 12.1.3.0.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Utilities Network Management System 1.12.0.3
Oracle Utilities Network Management System 2.3.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Communications Webrtc Session Controller
Oracle Webcenter Portal 11.1.1.9.0
Oracle Weblogic Server 12.2.1.3
Oracle Banking Platform 2.6.0
Oracle Utilities Network Management System 2.3.0.1
7.5
CVSSv2
CVE-2016-2296
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "post-admin" login pages, which allows remote malicious users to obtain sensitive information or modify data via unspecified vectors.
Meteocontrol Web\\'log Pro Unlimited -
Meteocontrol Web\\'log Pro -
Meteocontrol Web\\'log Light -
Meteocontrol Web\\'log Basic 100 -
1 EDB exploit
6.5
CVSSv2
CVE-2016-9012
CloudVision Portal (CVP) prior to 2016.1.2.1 allows remote authenticated users to gain access to the internal configuration mechanisms via the management plane, related to a request to /web/system/console/bundle.
Arista Cloudvision Portal
4.3
CVSSv2
CVE-2021-35463
Cross-site scripting (XSS) vulnerability in the Frontend Taglib module in Liferay Portal 7.4.0 allows remote malicious users to inject arbitrary web script or HTML into the management toolbar search via the `keywords` parameter.
Liferay Liferay Portal 7.4.0
10
CVSSv2
CVE-2005-2668
Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote malicious users to execute arbitrary code via unknown vectors.
Broadcom Advantage Data Transport 3.0
Broadcom Adviseit 2.4
Broadcom Brightstor Portal 11.1
Broadcom Etrust Admin 8.0
Broadcom Etrust Admin 8.1
Broadcom Messaging 1.5
Broadcom Messaging 1.7
Broadcom Unicenter Jasmine 3.0
Ca Unicenter Management 3.5
Ca Unicenter Management 4.0
Broadcom Unicenter Service Level Management 3.0.2
Broadcom Unicenter Service Level Management 3.5
Broadcom Unicenter Software Delivery 3.0
Broadcom Unicenter Software Delivery 3.1
Broadcom Brightstor San Manager 1.1
Ca Etrust Admin 2.1
Ca Etrust Admin 2.7
Broadcom Unicenter Application Performance Monitor 3.0
Broadcom Unicenter Asset Management 3.1
Ca Unicenter Asset Management 4.0
Ca Unicenter Enterprise Job Manager 1.0
Ca Unicenter Management 5.0
1 EDB exploit
5
CVSSv2
CVE-2018-0139
A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote malicious user to cause the IVR connection to disconnect, creating a system-wide denial of service (DoS) co...
Cisco Unified Customer Voice Portal 11.5\\(1\\)
Cisco Unified Customer Voice Portal 11.6
10
CVSSv2
CVE-2005-3653
Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway prior to 4.0.051230, allows remote malicious users to execute arbitrary code via an HTTP request with a negative Content-Length field.
Broadcom Brightstor Arcserve Backup 11.1
Broadcom Brightstor Arcserve Backup 11.5
Ca Brightstor Enterprise Backup 10.5
Broadcom Brightstor Portal 11.1
Broadcom Brightstor Storage Resource Manager 6.4
Broadcom Etrust Admin 8.1
Ca Etrust Directory 8.1 Web Components
Broadcom Etrust Identity Minder 8.0
Ca Unicenter Exchange Management Console 11.0
Ca Unicenter Management 11.0
Ca Unicenter Service Fulfillment 11.0
Broadcom Unicenter Service Fulfillment 2.2
Broadcom Brightstor Arcserve Backup Laptops Desktops 11.0
Broadcom Brightstor Arcserve Backup Laptops Desktops 11.1
Broadcom Brightstor San Manager 11.5
Broadcom Brightstor Storage Resource Manager 11.1
Broadcom Etrust Audit Aries 8.0
Broadcom Etrust Audit Irecorder 1.5
Ca Unicenter Application Performance Monitor 11.0
Ca Unicenter Application Server Managment 11.0
Broadcom Unicenter Asset Portfolio Management 11.0
Ca Unicenter Service Catalog Fulfillment Accounting 11.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »