Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web interface vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-0406
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to conduct a reflected or Document Object Model based (DOM-based) cross-site scripting (XSS) attack against a user of the web-based ma...
Cisco Web Security Appliance 11.5.0-fcs-581
Cisco Web Security Appliance 10.1.2-003
Cisco Web Security Appliance 10.5.1-269
5.8
CVSSv2
CVE-2021-43106
A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online (TWO) 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header woul...
Compassplus Tranzware Online 5.3.33.3 F38
Compassplus Tranzware Online Financial Institution Maintenance Interface 4.2.19.4.25
7.5
CVSSv2
CVE-2017-6182
In Sophos Web Appliance (SWA) prior to 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304.
Sophos Web Appliance
1 EDB exploit
6.5
CVSSv2
CVE-2017-6184
In Sophos Web Appliance (SWA) prior to 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.
Sophos Web Appliance
4.3
CVSSv2
CVE-2019-3670
Remote Code Execution vulnerability in the web interface in McAfee Web Advisor (WA) 8.0.34745 and previous versions allows remote unauthenticated malicious user to execute arbitrary code via a cross site scripting attack.
Mcafee Web Advisor
4
CVSSv2
CVE-2014-6064
The Accounts tab in the administrative user interface in McAfee Web Gateway (MWG) prior to 7.3.2.9 and 7.4.x prior to 7.4.2 allows remote authenticated users to obtain the hashed user passwords via unspecified vectors.
Mcafee Web Gateway
9
CVSSv2
CVE-2018-0424
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an authenticated, remote malicious user to execute arbitrary commands. The vulne...
Cisco Rv110w Firmware
Cisco Rv130w Firmware
Cisco Rv215w Firmware
7.8
CVSSv2
CVE-2018-0410
A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote malicious user to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists ...
Cisco Web Security Appliance 10.5.2-042
Cisco Web Security Appliance 11.0.0-641
Cisco Web Security Appliance 9.1.1-074
Cisco Web Security Appliance 9.1.2-010
Cisco Web Security Appliance 10.1.1-235
Cisco Web Security Appliance 10.5.1-296
Cisco Web Security Appliance 9.1.2-022
Cisco Web Security Appliance 10.1.0-204
Cisco Web Security Appliance 10.5.1-270
Cisco Web Security Appliance 9.1.2-039
4.3
CVSSv2
CVE-2015-6290
Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP connections) via crafted responses, aka Bug ID CSCuw10426.
Cisco Web Security Virtual Appliance 8.0 Base
Cisco Web Security Virtual Appliance 8.0.5
Cisco Web Security Virtual Appliance 8.0.7
Cisco Web Security Virtual Appliance 8.0.6
9
CVSSv2
CVE-2021-23885
Privilege escalation vulnerability in McAfee Web Gateway (MWG) before 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execute commands on the appliance via incorrect improper neutralization of user input in the troubleshooting page.
Mcafee Web Gateway
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »