Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web interface vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-23614
Pi-hole®'s Web interface (based off of AdminLTE) provides a central location to manage your Pi-hole. Versions 4.0 and above, before 5.18.3 are vulnerable to Insufficient Session Expiration. Improper use of admin WEBPASSWORD hash as "Remember me for 7 days" cook...
Pi-hole Web Interface
1 Github repository
3.5
CVSSv2
CVE-2006-6514
Winamp Web Interface (Wawi) 7.5.13 and previous versions uses an insufficient comparison to determine whether a directory is located below the application's root directory, which allows remote authenticated users to access certain other directories if the name of the root di...
Flippet.org Winamp Web Interface
NA
CVE-2022-41433
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/admin_bp/add_application.php.
Eyesofnetwork Web Interface 5.3
5
CVSSv2
CVE-2021-3706
adminlte is vulnerable to Sensitive Cookie Without 'HttpOnly' Flag
Pi-hole Web Interface
NA
CVE-2022-41432
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/report_event/index.php.
Eyesofnetwork Web Interface 5.3
NA
CVE-2022-41434
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /lilac/main.php.
Eyesofnetwork Web Interface 5.3
10
CVSSv2
CVE-2006-6454
execInBackground.php in J-OWAMP Web Interface 2.1b and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters to the (1) exe and (2) args parameters, which are used in an exec function call. NOTE: the provenance of this information ...
J-owamp Web Interface
3.5
CVSSv2
CVE-2021-41175
Pi-hole's Web interface (based on AdminLTE) provides a central location to manage one's Pi-hole and review the statistics generated by FTLDNS. Prior to version 5.8, cross-site scripting is possible when adding a client via the groups-clients management page. This issue ...
Pi-hole Web Interface
6.5
CVSSv2
CVE-2006-6453
PHP remote file inclusion vulnerability in JOWAMP_ShowPage.php in J-OWAMP Web Interface 2.1 allows remote authenticated users to execute arbitrary PHP code via a URL in the link parameter.
J-owamp Web Interface 2.1
1 EDB exploit
7.1
CVSSv2
CVE-2020-10558
The driving interface of Tesla Model 3 vehicles in any release prior to 2020.4.10 allows Denial of Service to occur due to improper process separation, which allows malicious users to disable the speedometer, web browser, climate controls, turn signal visual and sounds, navigatio...
Tesla Model 3 Web Interface
4 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »