Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web console vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-1363
The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and previous versions does not log connection attempts to the web management port (9999), which allows remote malicious users to mount brute force attacks on the administration console without det...
Aprelium Technologies Abyss Web Server
9.8
CVSSv3
CVE-2023-30771
Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component on 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed from version 0.13...
Apache Iotdb Web Workbench 0.13.3
NA
CVE-2002-0544
Aprelium Abyss Web Server (abyssws) prior to 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges.
Aprelium Technologies Abyss Web Server 1.0
1 EDB exploit
7.5
CVSSv3
CVE-2015-5184
Console: CORS headers set to allow all in Red Hat AMQ.
Redhat Jboss Enterprise Web Server 1.0.0
Redhat Amq
NA
CVE-2012-4597
Cross-site scripting (XSS) vulnerability in McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6 through Patch 3, and McAfee Email Gateway (MEG) 7.0.0 and 7.0.1, allows remote malicious users to inject arbitrary web script or HTML via vectors related to the McAfee Secu...
Mcafee Email And Web Security 5.5
Mcafee Email And Web Security 5.6
Mcafee Email Gateway 7.0.0
Mcafee Email Gateway 7.0.1
7.2
CVSSv3
CVE-2017-11396
Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who already have administration rights to the console to implement remote code injections.
Trendmicro Interscan Web Security Virtual Appliance 6.5
5.4
CVSSv3
CVE-2023-24724
A stored cross site scripting (XSS) vulnerability exists in the user management module of the SAS 9.4 Admin Console, due to insufficient validation and sanitization of data input into the user creation and editing form fields. The product name is SAS Web Administration interface ...
Sas Web Administration Interface 9.4
9.8
CVSSv3
CVE-2018-15394
A vulnerability in the Stealthwatch Management Console (SMC) of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote malicious user to bypass authentication and execute arbitrary actions with administrative privileges on an affected system. The vulnerability is du...
Cisco Stealthwatch Enterprise
8.8
CVSSv3
CVE-2021-41554
ARCHIBUS Web Central 21.3.3.815 (a version from 2014) does not properly validate requests for access to data and functionality in these affected endpoints: /archibus/schema/ab-edit-users.axvw, /archibus/schema/ab-data-dictionary-table.axvw, /archibus/schema/ab-schema-add-field.ax...
Archibus Web Central 21.3.3.815
5.4
CVSSv3
CVE-2020-14006
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a Responsible Team.
Solarwinds Orion Network Performance Monitor 2019.4
Solarwinds Orion Web Performance Monitor 2019.4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »