Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webadmin vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-18014
An NC-25986 issue exists in the Logging subsystem of Sophos XG Firewall with SFOS prior to 17.0.3 MR3. An unauthenticated user can trigger a persistent XSS vulnerability found in the WAF log page (Control Center -> Log Viewer -> in the filter option "Web Server Protect...
Sophos Sfos
Sophos Sfos 17.0
5
CVSSv2
CVE-2011-2221
The Mobility Pack prior to 1.2 in Novell Data Synchronizer 1.x up to and including 1.1.2 build 428 allows remote malicious users to bypass WebAdmin authentication and obtain sensitive GroupWise information via unspecified vectors.
Novell Mobility Pack 1.1.1
Novell Mobility Pack 1.1.2
Novell Data Synchronizer 1.0.0
Novell Data Synchronizer 1.1.0
Novell Data Synchronizer 1.1.1
Novell Mobility Pack 1.1
Novell Data Synchronizer 1.1.2
Novell Mobility Pack 1.0
7.5
CVSSv2
CVE-2002-0996
Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 prior to 3.0.3C allows remote malicious users to cause a denial of service and possibly execute arbitrary code via (1) WebAdmin or (2) ModWeb.
Novell Netmail 3.0.3a
Novell Netmail Xe 3.1
Novell Netmail 3.1
7.5
CVSSv2
CVE-2020-13167
Netsweeper up to and including 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php (with certain Referer headers) launches a command line with client-supplied parameters, and allows injection of shell metacharacters.
Netsweeper Netsweeper
4.3
CVSSv2
CVE-2011-2222
Session fixation vulnerability in WebAdmin in the Mobility Pack prior to 1.2 in Novell Data Synchronizer 1.x up to and including 1.1.2 build 428 allows remote malicious users to hijack web sessions via unspecified vectors.
Novell Mobility Pack 1.0
Novell Data Synchronizer 1.1.1
Novell Mobility Pack 1.1
Novell Mobility Pack 1.1.1
Novell Mobility Pack 1.1.2
Novell Data Synchronizer 1.0.0
Novell Data Synchronizer 1.1.0
Novell Data Synchronizer 1.1.2
4.3
CVSSv2
CVE-2012-5940
The WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza, when SSL is not enabled, allows remote malicious users to discover credentials by sniffing the network during the authentication process.
Ibm Netezza 7.0
Ibm Netezza 6.0.5
Ibm Netezza 6.0.8
NA
CVE-2023-49101
WebAdmin in Axigen 10.3.x prior to 10.3.3.61, 10.4.x prior to 10.4.24, and 10.5.x prior to 10.5.10 allows XSS attacks against admins because of mishandling of viewing the usage of SSL certificates.
Axigen Axigen Mobile Webmail
7.5
CVSSv2
CVE-2014-9614
The Web Panel in Netsweeper prior to 4.0.5 has a default password of branding for the branding account, which makes it easier for remote malicious users to obtain access via a request to webadmin/.
Netsweeper Netsweeper
3.5
CVSSv2
CVE-2012-5761
Cross-site scripting (XSS) vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Netezza 6.0.5
Ibm Netezza 6.0.8
Ibm Netezza 7.0
6.8
CVSSv2
CVE-2012-5763
Cross-site request forgery (CSRF) vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Ibm Netezza 6.0.5
Ibm Netezza 6.0.8
Ibm Netezza 7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »