Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
consona consona live assistance vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2010-1907
The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote malicious users to discover the username of the client user, and consequently determine a pathname to a certain user directory, via a call to the...
Consona Consona Live Assistance
Consona Consona Dynamic Agent -
Consona Consona Subscriber Assistance
9.3
CVSSv2
CVE-2010-1908
The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance does not properly restrict access to the HTTPDownloadFile, HTTPGetFile, Install, and RunCmd methods, which allows remote malicious users to execute arbitrary p...
Consona Consona Dynamic Agent -
Consona Consona Live Assistance
Consona Consona Subscriber Assistance
5.1
CVSSv2
CVE-2010-1910
The Forgot Password implementation in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote malicious users to reset passwords of accounts with blank Hint questions and Hint answers by sending an empty value for each of these two Hint fields.
Consona Consona Dynamic Agent -
Consona Consona Live Assistance
Consona Consona Subscriber Assistance
9.3
CVSSv2
CVE-2010-1911
The site-locking implementation in the SdcWebSecureBase interface in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance relies on a list of server domain names to restrict execution of ActiveX controls, which makes it easier for man-in-the-middle mal...
Consona Consona Live Assistance
Consona Consona Dynamic Agent -
Consona Consona Subscriber Assistance
9.3
CVSSv2
CVE-2010-1912
The SdcWebSecureBase interface in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote malicious users to bypass intended restrictions on ActiveX execution via "instantiation/free attacks."
Consona Consona Dynamic Agent -
Consona Consona Subscriber Assistance
Consona Consona Live Assistance
7.6
CVSSv2
CVE-2010-1909
Buffer overflow in the RunCmd method in the SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote malicious users to execute arbitrary code via vectors involving "CreateProcess params." NOTE: s...
Consona Consona Dynamic Agent -
Consona Consona Subscriber Assistance
Consona Consona Live Assistance
9.3
CVSSv2
CVE-2010-1913
The default configuration of pluginlicense.ini for the SdcWebSecureBase interface in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance, when downloaded from a server operated by Telefonica or possibly other companies, contains an incorrect DNS white...
Consona Consona Live Assistance
Consona Consona Dynamic Agent -
Consona Consona Subscriber Assistance
4.3
CVSSv2
CVE-2010-1905
Multiple cross-site scripting (XSS) vulnerabilities in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allow remote malicious users to inject arbitrary web script or HTML via crafted input to ASP pages, as demonstrated using the backurl parameter to sdccommon/ve...
Consona Consona Live Assistance
Consona Consona Dynamic Agent -
Consona Consona Subscriber Assistance
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started