Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aceware aceweb online portal vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-24238
ACEweb Online Portal 3.5.065 exists to contain a cross-site scripting (XSS) vulnerability via the txtNmName1 parameter in person.awp.
Aceware Aceweb Online Portal
9.8
CVSSv3
CVE-2022-24239
ACEweb Online Portal 3.5.065 exists to contain an unrestricted file upload vulnerability via attachments.awp.
Aceware Aceweb Online Portal
9.8
CVSSv3
CVE-2022-24240
ACEweb Online Portal 3.5.065 exists to contain a SQL injection vulnerability via the criteria parameter in showschedule.awp.
Aceware Aceweb Online Portal
7.5
CVSSv3
CVE-2022-24241
ACEweb Online Portal 3.5.065 exists to contain an External Controlled File Path and Name vulnerability via the txtFilePath parameter in attachments.awp.
Aceware Aceweb Online Portal
7.5
CVSSv3
CVE-2022-24581
ACEweb Online Portal 3.5.065 allows unauthenticated SMB hash capture via UNC. By specifying the UNC file path of an external SMB share when uploading a file, an attacker can induce the victim server to disclose the username and password hash of the user executing the ACEweb Onlin...
Aceware Aceweb Online Portal
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started