Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webadmin vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2011-3013
WebAdmin in the Mobility Pack prior to 1.2 in Novell Data Synchronizer 1.x up to and including 1.1.2 build 428 supports weak SSL ciphers, which makes it easier for remote malicious users to obtain access via a brute-force attack.
Novell Data Synchronizer 1.1.0
Novell Data Synchronizer 1.1.1
Novell Data Synchronizer 1.1.2
Novell Mobility Pack 1.1
Novell Mobility Pack 1.1.2
Novell Data Synchronizer 1.0.0
Novell Mobility Pack 1.1.1
Novell Mobility Pack 1.0
10
CVSSv2
CVE-2004-2734
webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote malicious users to bypass access control to the WEB-INF folder.
Novell Netware 6.5
7.5
CVSSv2
CVE-2022-1040
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote malicious user to execute code in Sophos Firewall version v18.5 MR3 and older.
Sophos Sfos
7 Github repositories
2 Articles
5
CVSSv2
CVE-2014-9609
Directory traversal vulnerability in webadmin/reporter/view_server_log.php in Netsweeper prior to 3.1.10, 4.0.x prior to 4.0.9, and 4.1.x prior to 4.1.2 allows remote malicious users to list directory contents via a .. (dot dot) in the log parameter in a stats action.
Netsweeper Netsweeper
6
CVSSv2
CVE-2014-7851
oVirt 3.2.2 up to and including 3.5.0 does not invalidate the restapi session after logout from the webadmin, which allows remote authenticated users with knowledge of another user's session data to gain that user's privileges by replacing their session token with that ...
Ovirt Ovirt 3.3.2
Ovirt Ovirt 3.4.0
Redhat Ovirt-engine 3.2.2
Redhat Ovirt-engine 3.3
Redhat Ovirt-engine 3.3.0.1
Redhat Ovirt-engine 3.3.1
Redhat Ovirt-engine 3.3.2
Redhat Ovirt-engine 3.3.3
Redhat Ovirt-engine 3.3.4
Redhat Ovirt-engine 3.3.5
Redhat Ovirt-engine 3.4.0
Redhat Ovirt-engine 3.4.1
Redhat Ovirt-engine 3.4.2
Redhat Ovirt-engine 3.4.3
Redhat Ovirt-engine 3.4.4
Redhat Ovirt-engine 3.5.0
4.3
CVSSv2
CVE-2009-2455
Multiple cross-site scripting (XSS) vulnerabilities in webadmin/admin.php in @mail 5.6.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) type and (2) func parameters. NOTE: the provenance of this information is unknown; the details are obtained sol...
Atmail \\@tmail 5.6.1
5
CVSSv2
CVE-2021-41382
Plastic SCM prior to 10.0.16.5622 mishandles the WebAdmin server management interface.
Plasticscm Plastic Scm
1 Github repository
5
CVSSv2
CVE-2008-3395
Calacode @Mail 5.41 on Linux uses weak world-readable permissions for (1) webmail/libs/Atmail/Config.php and (2) webmail/webadmin/.htpasswd, which allows local users to obtain sensitive information by reading these files. NOTE: the provenance of this information is unknown; the d...
Calacode Atmail 5.41
4.3
CVSSv2
CVE-2008-5266
Cross-site scripting (XSS) vulnerability in configuration/httpListenerEdit.jsf in the GlassFish 2 UR2 b04 webadmin interface in Sun Java System Application Server 9.1_01 build b09d-fcs and 9.1_02 build b04-fcs allows remote malicious users to inject arbitrary web script or HTML v...
Sun Java System Application Server 9.1 02
Sun Java System Application Server 9.1 01
Oracle Glassfish Server 2.0
1 EDB exploit
NA
CVE-2022-24629
An issue exists in AudioCodes Device Manager Express up to and including 7.8.20002.47752. Remote code execution can be achieved via directory traversal in the dir parameter of the file upload functionality of BrowseFiles.php. An attacker can upload a .php file to WebAdmin/admin/A...
Audiocodes Device Manager Express
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »