Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web interface vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-23614
Pi-hole®'s Web interface (based off of AdminLTE) provides a central location to manage your Pi-hole. Versions 4.0 and above, before 5.18.3 are vulnerable to Insufficient Session Expiration. Improper use of admin WEBPASSWORD hash as "Remember me for 7 days" cook...
Pi-hole Web Interface
1 Github repository
4.8
CVSSv3
CVE-2022-41432
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/report_event/index.php.
Eyesofnetwork Web Interface 5.3
4.8
CVSSv3
CVE-2022-41433
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/admin_bp/add_application.php.
Eyesofnetwork Web Interface 5.3
6.1
CVSSv3
CVE-2022-41434
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /lilac/main.php.
Eyesofnetwork Web Interface 5.3
6.1
CVSSv3
CVE-2021-3812
adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Pi-hole Web Interface
7.5
CVSSv3
CVE-2021-3706
adminlte is vulnerable to Sensitive Cookie Without 'HttpOnly' Flag
Pi-hole Web Interface
5.4
CVSSv3
CVE-2021-41175
Pi-hole's Web interface (based on AdminLTE) provides a central location to manage one's Pi-hole and review the statistics generated by FTLDNS. Prior to version 5.8, cross-site scripting is possible when adding a client via the groups-clients management page. This issue ...
Pi-hole Web Interface
NA
CVE-2006-6512
Directory traversal vulnerability in the Browse function (/browse URI) in Winamp Web Interface (Wawi) 7.5.13 and previous versions allows remote authenticated users to list arbitrary directories via URL encoded backslashes ("%2F") in the path parameter.
Flippet.org Winamp Web Interface
5.4
CVSSv3
CVE-2023-24724
A stored cross site scripting (XSS) vulnerability exists in the user management module of the SAS 9.4 Admin Console, due to insufficient validation and sanitization of data input into the user creation and editing form fields. The product name is SAS Web Administration interface ...
Sas Web Administration Interface 9.4
6.5
CVSSv3
CVE-2020-10558
The driving interface of Tesla Model 3 vehicles in any release prior to 2020.4.10 allows Denial of Service to occur due to improper process separation, which allows malicious users to disable the speedometer, web browser, climate controls, turn signal visual and sounds, navigatio...
Tesla Model 3 Web Interface
4 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »