Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web appliance vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2015-0628
The proxy engine on Cisco Web Security Appliance (WSA) devices allows remote malicious users to bypass intended proxying restrictions via a malformed HTTP method, aka Bug ID CSCus79174.
Cisco Web Security Appliance -
4.3
CVSSv2
CVE-2015-0623
Cross-site scripting (XSS) vulnerability in the Administrator report page on Cisco Web Security Appliance (WSA) devices allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCus40627.
Cisco Web Security Appliance -
4.3
CVSSv2
CVE-2015-0698
Multiple cross-site scripting (XSS) vulnerabilities in filter search forms in admin web pages on Cisco Web Security Appliance (WSA) devices with software 8.5.0-497 allow remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut39213.
Cisco Web Security Appliance
9
CVSSv2
CVE-2016-9553
The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP ...
Sophos Web Appliance 4.2.1.3
1 EDB exploit
9
CVSSv2
CVE-2016-9554
The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the compone...
Sophos Web Appliance 4.2.1.3
1 EDB exploit
NA
CVE-2023-33336
Reflected cross site scripting (XSS) vulnerability exists in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes.
Sophos Web Appliance 4.3.9.1
6.8
CVSSv2
CVE-2013-3395
Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security Appliance (ESA) devices, and Content Security Management Appliance (SMA) devices allows remote malicious users to hijack the authentication ...
Cisco Email Security Appliance Firmware -
Cisco Content Security Management Appliance -
Cisco Web Security Appliance -
4.3
CVSSv2
CVE-2015-0624
The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote malicious users to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630...
Cisco Email Security Appliance Firmware -
Cisco Content Security Management Appliance -
Cisco Web Security Appliance -
5
CVSSv2
CVE-2015-6386
The passthrough FTP feature on Cisco Web Security Appliance (WSA) devices with software 8.0.7-142 and 8.5.1-021 allows remote malicious users to cause a denial of service (CPU consumption) via FTP sessions in which the control connection is ended after data transfer, aka Bug ID C...
Cisco Web Security Appliance 8.0.7-142
Cisco Web Security Appliance 8.5.1-021
6.5
CVSSv2
CVE-2019-15956
A vulnerability in the web management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote malicious user to perform an unauthorized system reset on an affected device. The vulnerability is due to improper authorization c...
Cisco Asyncos
Cisco Web Security Appliance 10.5.2-072
Cisco Web Security Appliance 11.5.1-fcs-125
Cisco Web Security Appliance 11.7.0-fcs-418
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »