Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webadmin vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2014-9613
Multiple SQL injection vulnerabilities in Netsweeper prior to 2.6.29.10 allow remote malicious users to execute arbitrary SQL commands via the (1) login parameter to webadmin/auth/verification.php or (2) dpid parameter to webadmin/deny/index.php.
Netsweeper Netsweeper
1 EDB exploit
10
CVSSv2
CVE-2017-14135
enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py in the webadmin plugin for opendreambox 2.0.0 allows remote malicious users to execute arbitrary OS commands via shell metacharacters in the command parameter to the /script URI.
Dreambox Opendreambox 2.0
6.5
CVSSv2
CVE-2014-9619
Unrestricted file upload vulnerability in webadmin/ajaxfilemanager/ajaxfilemanager.php in Netsweeper prior to 3.1.10, 4.0.x prior to 4.0.9, and 4.1.x prior to 4.1.2 allows remote authenticated users with admin privileges on the Cloud Manager web console to execute arbitrary PHP c...
Netsweeper Netsweeper 4.0.7
Netsweeper Netsweeper 4.0.5
Netsweeper Netsweeper 4.0.3
Netsweeper Netsweeper 4.0.2
Netsweeper Netsweeper 4.0.1
Netsweeper Netsweeper 4.0.0
Netsweeper Netsweeper 4.0.8
Netsweeper Netsweeper 4.0.6
Netsweeper Netsweeper 4.0.4
Netsweeper Netsweeper
Netsweeper Netsweeper 4.1.1
Netsweeper Netsweeper 4.1.0
1 EDB exploit
5
CVSSv2
CVE-2016-6080
The WebAdmin context for WebSphere Message Broker allows directory listings which could disclose sensitive information to the attacker.
Ibm Websphere Message Broker 8.0
7.5
CVSSv2
CVE-2006-6239
webadmin in MailEnable NetWebAdmin Professional 2.32 and Enterprise 2.32 allows remote malicious users to authenticate using an empty password.
Mailenable Netwebadmin Enterprise 2.32
Mailenable Netwebadmin Professional 2.32
5
CVSSv2
CVE-2019-15516
Cuberite prior to 2019-06-11 allows webadmin directory traversal via ....// because the protection mechanism simply removes one ../ substring.
Cuberite Cuberite
10
CVSSv2
CVE-2013-5932
Unspecified vulnerability in WebAdmin in Sophos UTM (aka Astaro Security Gateway) prior to 9.105 has unknown impact and attack vectors.
Sophos Unified Threat Management Software 9.007
7.5
CVSSv2
CVE-2020-5519
The WebAdmin Console in OpenLiteSpeed before v1.6.5 does not strictly check request URLs, as demonstrated by the "Server Configuration > External App" screen.
Litespeedtech Openlitespeed
7.5
CVSSv2
CVE-2014-9611
Netsweeper prior to 4.0.5 allows remote malicious users to bypass authentication and create arbitrary accounts and policies via a request to webadmin/nslam/index.php.
Netsweeper Netsweeper
1 EDB exploit
8.5
CVSSv2
CVE-2021-25267
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 19.0 GA.
Sophos Firewall Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5274
CVE-2024-35388
CVE-2024-35396
elevation of privilege
CVE-2021-47544
file upload
CVE-2021-47545
memory leak
CVE-2024-4956
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »