Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gui vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2020-3164
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote malicious user to cause high CPU usage ...
Cisco Cloud Email Security
Cisco Content Security Management Appliance
Cisco Email Security Appliance
Cisco Web Security Appliance
9.3
CVSSv3
CVE-2019-1848
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, adjacent malicious user to bypass authentication and access critical internal services. The vulnerability is due to insufficient access restriction to ports necessary for system ope...
Cisco Digital Network Architecture Center
1 Article
10
CVSSv3
CVE-2018-0222
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote malicious user to log in to an affected system by using an administrative account that has default, static user credentials. The vulnerability is due to the presence of undoc...
Cisco Digital Network Architecture Center
NA
CVE-2014-5335
Multiple cross-site request forgery (CSRF) vulnerabilities in innovaphone PBX 10.00 sr11 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that modify configurations or user accounts, as demonstrated by (1) changing the...
Innovaphone Innovaphone Pbx
1 EDB exploit
NA
CVE-2011-0545
Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) prior to 2.3 allows remote malicious users to hijack the authentication of administrators for requests that create new administrative accounts, and possibly have unspecified o...
Symantec Liveupdate Administrator 2.2.2.9
1 EDB exploit
5.3
CVSSv3
CVE-2016-1299
The web-management GUI implementation on Cisco Small Business SG300 devices 1.4.1.x allows remote malicious users to cause a denial of service (HTTPS outage) via crafted HTTPS requests, aka Bug ID CSCuw87174.
Cisco 300 Series Managed Switch Firmware 1.4.1
8.8
CVSSv3
CVE-2019-12624
A vulnerability in the web-based management interface of Cisco IOS XE New Generation Wireless Controller (NGWC) could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vul...
Cisco Ios Xe
NA
CVE-2008-2421
Cross-site scripting (XSS) vulnerability in the Web GUI in SAP Web Application Server (WAS) 7.0, Web Dynpro for ABAP (aka WD4A or WDA), and Web Dynpro for BSP allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to the default URI under bc/gui/sa...
Sap Sap Web Application Server 7.0
Sap Web Dynpro Abap
Sap Web Dynpro Bsp
1 EDB exploit
9.8
CVSSv3
CVE-2020-3140
A vulnerability in the web management interface of Cisco Prime License Manager (PLM) Software could allow an unauthenticated, remote malicious user to gain unauthorized access to an affected device. The vulnerability is due to insufficient validation of user input on the web mana...
Cisco Prime License Manager
1 Article
6.1
CVSSv3
CVE-2016-9119
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin prior to 1.9.8 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Moinmo Moinmoin
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »