Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chris lyne vulnerabilities and exploits
(subscribe to this query)
8.5
CVSSv2
CVE-2018-15705
WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated malicious users to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFile API. An attacker can use this vulnerability to remotely execute arbitrar...
Advantech Webaccess 8.3.1
Advantech Webaccess 8.3.2
1 EDB exploit
3.5
CVSSv2
CVE-2018-15707
Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to cross-site scripting in the Bwmainleft.asp page. An attacker could leverage this vulnerability to disclose credentials amongst other things.
Advantech Webaccess 8.3.1
Advantech Webaccess 8.3.2
1 EDB exploit
7.5
CVSSv2
CVE-2017-16716
A SQL Injection issue exists in WebAccess versions before 8.3. WebAccess does not properly sanitize its inputs for SQL commands.
Advantech Webaccess
1 EDB exploit
7.5
CVSSv2
CVE-2017-5792
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
Hp Intelligent Management Center 7.3
1 EDB exploit
7.5
CVSSv2
CVE-2019-12989
Citrix SD-WAN 10.2.x prior to 10.2.3 and NetScaler SD-WAN 10.0.x prior to 10.0.8 allow SQL Injection.
Citrix Netscaler Sd-wan
Citrix Sd-wan
1 EDB exploit
9
CVSSv2
CVE-2019-12991
Citrix SD-WAN 10.2.x prior to 10.2.3 and NetScaler SD-WAN 10.0.x prior to 10.0.8 have Improper Input Validation (issue 5 of 6).
Citrix Netscaler Sd-wan
Citrix Sd-wan
1 EDB exploit
10
CVSSv2
CVE-2017-16720
A Path Traversal issue exists in WebAccess versions 8.3.2 and previous versions. An attacker has access to files within the directory structure of the target device.
Advantech Webaccess
1 EDB exploit
7.2
CVSSv2
CVE-2019-3999
Improper neutralization of special elements used in an OS command in Druva inSync Windows Client 6.5.0 allows a local, unauthenticated malicious user to execute arbitrary operating system commands with SYSTEM privileges.
Druva Insync Client 6.5.0
10
CVSSv2
CVE-2016-0856
Multiple stack-based buffer overflows in Advantech WebAccess prior to 8.1 allow remote malicious users to execute arbitrary code via unspecified vectors.
Advantech Webaccess
10
CVSSv2
CVE-2017-5816
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
Hp Intelligent Management Center
Hp Intelligent Management Center 7.3
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »