Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web console vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0860
The affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an malicious user to capture packets to craft their own requests.
6.1
CVSSv3
CVE-2023-51630
Paessler PRTG Network Monitor Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote malicious users to bypass authentication on affected installations of Paessler PRTG Network Monitor. User interaction is required to exploit this vulnerability...
Paessler Prtg Network Monitor
7.8
CVSSv3
CVE-2023-47202
A local file inclusion vulnerability on the Trend Micro Apex One management server could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in or...
Trendmicro Apex One 2019
Trendmicro Apex One
6.1
CVSSv3
CVE-2023-41813
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Allows you to edit the Web Console user notification options. This issue affects Pandora FMS: from 700 up to and i...
Pandorafms Pandora Fms
6.1
CVSSv3
CVE-2021-38927
IBM Aspera Console 3.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 210322...
Ibm Aspera Console
Ibm Aspera Console 3.4.2
7.2
CVSSv3
CVE-2023-38126
Softing edgeAggregator Restore Configuration Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required to exploit this vulnera...
Softing Edgeaggregator 3.4.0
6.1
CVSSv3
CVE-2023-41811
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed Javascript code to be executed in the news section of the web console. This issue affec...
Artica Pandora Fms
5.4
CVSSv3
CVE-2023-48222
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In affected versions access to two URLs used in both Rundeck Open Source and Process Automation products could allow authenticated users to access the URL path, which would allow acc...
Pagerduty Rundeck
4.3
CVSSv3
CVE-2023-47112
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In affected versions access to two URLs used in both Rundeck Open Source and Process Automation products could allow authenticated users to access the URL path, which provides a list...
Pagerduty Rundeck
6.5
CVSSv3
CVE-2023-46733
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, `SessionStrategyListener` does not migrate the session after every successful login. It does so only in ...
Sensiolabs Symfony
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »