Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
whatsup gold vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-5777
An issue exists in Ipswitch WhatsUp Gold prior to 2017 Plus SP1 (17.1.1). Remote clients can take advantage of a misconfiguration in the TFTP server that could allow malicious users to execute arbitrary commands on the TFTP server via unspecified vectors.
Ipswitch Whatsup Gold
NA
CVE-2023-6364
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within a dashboard component. If a WhatsUp Gold user interacts with the craft...
Progress Whatsup Gold
NA
CVE-2023-6366
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within Alert Center. If a WhatsUp Gold user interacts with the crafted paylo...
Progress Whatsup Gold
NA
CVE-2023-6367
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within Roles. If a WhatsUp Gold user interacts with the crafted payload, the...
Progress Whatsup Gold
NA
CVE-2023-6368
In WhatsUp Gold versions released prior to 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated malicious user to enumerate information related to a registered device being monitored by WhatsUp Gold.
Progress Whatsup Gold
6.5
CVSSv2
CVE-2015-6004
Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold prior to 16.4 allow remote malicious users to execute arbitrary SQL commands via (1) the UniqueID (aka sUniqueID) parameter to WrFreeFormText.asp in the Reports component or (2) the Find Device parameter.
Ipswitch Whatsup Gold
NA
CVE-2023-6365
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within a device group. If a WhatsUp Gold user interacts with the crafted pay...
Progress Whatsup Gold
7.5
CVSSv2
CVE-2018-8938
A Code Injection issue exists in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold prior to 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server.
Ipswitch Whatsup Gold
7.5
CVSSv2
CVE-2018-8939
An SSRF issue exists in NmAPI.exe in Ipswitch WhatsUp Gold prior to 2018 (18.0). Malicious actors can submit specially crafted requests via the NmAPI executable to (1) gain unauthorized access to the WhatsUp Gold system, (2) obtain information about the WhatsUp Gold system, or (3...
Ipswitch Whatsup Gold
NA
CVE-2023-6595
In WhatsUp Gold versions released prior to 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated malicious user to enumerate ancillary credential information stored within WhatsUp Gold.
Progress Whatsup Gold
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »