Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pedro andujar vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-4095
plain/actionsets.html in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a [command].value field in conjunction with an [arguments].value field.
Imperva Securesphere 9.0.0.5
1 EDB exploit
NA
CVE-2013-4096
ServerAdmin/TestTelnetConnection.jsp in DS3 Authentication Server allows remote authenticated users to execute arbitrary commands via shell metacharacters in the HOST_NAME field.
Ds3 Authentication Server -
1 EDB exploit
NA
CVE-2013-4097
ServerAdmin/TestDRConnection.jsp in DS3 Authentication Server allows remote malicious users to obtain sensitive information via a direct request, which reveals the installation path in a -REG-E-OPEN error message.
Ds3 Authentication Server -
1 EDB exploit
NA
CVE-2013-4094
The Key Management feature in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to upload executable files via the (1) private_key or (2) public_key parameter in a T/keyManagement request to plain/setting...
Imperva Securesphere 9.0.0.5
1 EDB exploit
NA
CVE-2013-4098
ServerAdmin/ErrorViewer.jsp in DS3 Authentication Server allow remote malicious users to inject arbitrary error-page text via the message parameter.
Ds3 Authentication Server -
1 EDB exploit
NA
CVE-2015-5531
Directory traversal vulnerability in Elasticsearch prior to 1.6.1 allows remote malicious users to read arbitrary files via unspecified vectors related to snapshot API calls.
Elasticsearch Elasticsearch
1 EDB exploit
5 Github repositories
NA
CVE-2013-3395
Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security Appliance (ESA) devices, and Content Security Management Appliance (SMA) devices allows remote malicious users to hijack the authentication ...
Cisco Email Security Appliance Firmware -
Cisco Content Security Management Appliance -
Cisco Web Security Appliance -
NA
CVE-2013-4091
The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 does not have an off autocomplete attribute for the password (aka j_password) field on the secsphLogin.jsp login page, which makes it easier for remote malicious users to obtain access by ...
Imperva Securesphere 9.0.0.5
1 EDB exploit
NA
CVE-2013-4092
The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows context-dependent malicious users to obtain sensitive information by leveraging the presence of (1) a session ID in the jsessionid field to secsphLogin.jsp or (2) credentials in the...
Imperva Securesphere 9.0.0.5
1 EDB exploit
NA
CVE-2013-4093
The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote malicious users to obtain sensitive information via (1) a direct request to dwr/call/plaincall/AsyncOperationsContainer.getOperationState.dwr, which reveals the installation ...
Imperva Securesphere 9.0.0.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »