Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web studio vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-4025
IBM Data Studio Web Console 3.x prior to 3.2, Optim Performance Manager 5.x prior to 5.2, InfoSphere Optim Configuration Manager 2.x prior to 2.2, and DB2 Recovery Expert 2.x do not have an off autocomplete attribute for the login-password field, which makes it easier for remote ...
Ibm Infosphere Optim Configuration Manager 2.1
Ibm Data Studio Web Console 3.1.0
Ibm Db2 Recovery Expert 2.0
Ibm Infosphere Optim Configuration Manager 2.0
Ibm Optim Performance Manager 5.1.0
NA
CVE-2013-4022
IBM Data Studio Web Console 3.x prior to 3.2, Optim Performance Manager 5.x prior to 5.2, InfoSphere Optim Configuration Manager 2.x prior to 2.2, and DB2 Recovery Expert 2.x store unspecified authentication information in a cookie, which allows remote authenticated users to bypa...
Ibm Db2 Recovery Expert 2.0
Ibm Infosphere Optim Configuration Manager 2.0
Ibm Optim Performance Manager 5.1.0
Ibm Infosphere Optim Configuration Manager 2.1
Ibm Data Studio Web Console 3.1.0
NA
CVE-2013-2980
Cross-site request forgery (CSRF) vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1.1 allows remote malicious users to hijack the authentication of arbitrary users for requests that access monitored database information.
Ibm Data Studio 3.1.0
Ibm Data Studio 3.1.1
NA
CVE-2013-2981
Directory traversal vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1.1 allows remote malicious users to read arbitrary files via unspecified vectors.
Ibm Data Studio 3.1.0
Ibm Data Studio 3.1.1
NA
CVE-2013-1627
Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and previous versions and Advantech Studio 7.0 and previous versions allows remote malicious users to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.
Indusoft Web Studio 6.1
Advantech Advantech Studio 6.1
Indusoft Web Studio 7.0b2
Indusoft Web Studio 7.0
1 EDB exploit
NA
CVE-2012-2193
Cross-site scripting (XSS) vulnerability in Query Studio in IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 allows user-assisted remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Cognos Business Intelligence 8.4.1
Ibm Cognos Business Intelligence 10.1
Ibm Cognos Business Intelligence 10.1.1
Ibm Cognos Business Intelligence 10.2
NA
CVE-2012-1892
Cross-site scripting (XSS) vulnerability in Microsoft Visual Studio Team Foundation Server 2010 SP1 allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka "XSS Vulnerability."
Microsoft Visual Studio Team Foundation Server 2010
NA
CVE-2012-1239
The TopAccess web-based management interface on TOSHIBA TEC e-Studio multi-function peripheral (MFP) devices with firmware 30x through 302, 35x through 354, and 4xx through 421 allows remote malicious users to bypass authentication and obtain administrative privileges via unspeci...
Toshibatec E-studio-5520c -
Toshibatec E-studio-6520c -
Toshibatec E-studio-6530c -
Toshibatec E-studio-232 -
Toshibatec E-studio-282 -
Toshibatec E-studio-167 With Network Printer Kit -
Toshibatec E-studio-207 With Network Printer Kit -
Toshibatec E-studio-181 With Network Printer Kit -
Toshibatec E-studio-182 With Network Printer Kit -
Toshibatec E-studio-6530c Firmware T430sy0j302
Toshibatec E-studio-232 Firmware T377sy0j354
Toshibatec E-studio-282 Firmware T377sy0j354
Toshibatec E-studio-352 Firmware T364sy0j354
Toshibatec E-studio-207 With Network Printer Kit Firmware T282cn0j421
Toshibatec E-studio-181 With Network Printer Kit Firmware T282cn0j421
Toshibatec E-studio-182 With Network Printer Kit Firmware T282cn0j421
Toshibatec E-studio-tf-182 With Network Printer Kit Firmware T282cn0j421
Toshibatec E-studio-351c -
Toshibatec E-studio-2330c -
Toshibatec E-studio-3520c -
Toshibatec E-studio-352 -
Toshibatec E-studio-255 -
1 EDB exploit
NA
CVE-2011-4052
Stack-based buffer overflow in CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 allows remote malicious users to execute arbitrary code via a crafted 0x15 (aka Remove File) operation for a file with a long name.
Indusoft Web Studio 6.1
Indusoft Web Studio 7.0
NA
CVE-2011-4051
CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote malicious users to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control.
Indusoft Web Studio 7.0
Indusoft Web Studio 6.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »