Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webaccess vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-3817
Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess 6.5 and 7 prior to 20060727 allows remote malicious users to inject arbitrary web script or HTML via an encoded SCRIPT element in an e-mail message with the UTF-7 character set, as demonstrated by the "+A...
Novell Groupwise Webaccess 6.5
Novell Groupwise Webaccess 7
NA
CVE-2006-3818
Cross-site scripting (XSS) vulnerability in the login page in Novell GroupWise WebAccess 6.5 prior to 20060721 and WebAccess 7 prior to 20060727 allows remote malicious users to inject arbitrary web script or HTML via the GWAP.version parameter.
Novell Groupwise Webaccess 6.5
Novell Groupwise Webaccess 7
7.8
CVSSv3
CVE-2020-16202
WebAccess Node (All versions before 9.0.1) has incorrect permissions set for resources used by specific services, which may allow code execution with system privileges.
Advantech Webaccess
9.8
CVSSv3
CVE-2021-38389
Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an malicious user to remotely execute code.
Advantech Webaccess
8.1
CVSSv3
CVE-2015-6467
Advantech WebAccess prior to 8.1 allows remote malicious users to execute arbitrary code via vectors involving a browser plugin.
Advantech Webaccess
NA
CVE-2011-4041
webvrpcs.exe in Advantech/BroadWin WebAccess allows remote malicious users to execute arbitrary code or obtain a security-code value via a long string in an RPC request to TCP port 4592.
Broadwin Webaccess
1 EDB exploit
7.8
CVSSv3
CVE-2018-17908
WebAccess Versions 8.3.2 and prior. During installation, the application installer disables user access control and does not re-enable it after the installation is complete. This could allow an malicious user to run elevated arbitrary code.
Advantech Webaccess
7.8
CVSSv3
CVE-2018-17910
WebAccess Versions 8.3.2 and prior. The application fails to properly validate the length of user-supplied data, causing a buffer overflow condition that allows for arbitrary remote code execution.
Advantech Webaccess
7.5
CVSSv3
CVE-2016-0851
Advantech WebAccess prior to 8.1 allows remote malicious users to cause a denial of service (out-of-bounds memory access) via unspecified vectors.
Advantech Webaccess
7.5
CVSSv3
CVE-2016-0852
Advantech WebAccess prior to 8.1 allows remote malicious users to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors.
Advantech Webaccess
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »