Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ens vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2018-19512
In Webgalamb up to and including 7.0, a system/ajax.php "wgmfile restore" directory traversal vulnerability could lead to arbitrary code execution by authenticated administrator users, because PHP files are restored under the document root directory.
Ens Webgalamb
668
VMScore
CVE-2018-19514
In Webgalamb up to and including 7.0, an arbitrary code execution vulnerability could be exploited remotely without authentication. Exploitation requires authentication bypass to access administrative functions of the site to upload a crafted CSV file with a malicious payload tha...
Ens Webgalamb
383
VMScore
CVE-2018-19509
wg7.php in Webgalamb 7.0 makes opportunistic calls to htmlspecialchars() instead of using a templating engine with proper contextual encoding. Because it is possible to insert arbitrary strings into the database, any JavaScript could be executed by the administrator, leading to X...
Ens Webgalamb 7.0
445
VMScore
CVE-2018-19513
In Webgalamb up to and including 7.0, log files are exposed to the internet with predictable files/logs/sql_error_log/YYYY-MM-DD-sql_error_log.log filenames. The log file could contain sensitive client data (email addresses) and also facilitates exploitation of SQL injection erro...
Ens Webgalamb
668
VMScore
CVE-2018-19515
In Webgalamb up to and including 7.0, system/ajax.php functionality is supposed to be available only to the administrator. However, by using one of the bgsend, atment_sddd1xGz, or xls_bgimport query parameters, most of these methods become available to unauthenticated users.
Ens Webgalamb
543
VMScore
CVE-2019-3582
Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and previous versions allows local users to gain elevated privileges via a specific set of circumstances.
Mcafee Endpoint Security
409
VMScore
CVE-2016-8010
Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and previous versions and Endpoint Security (ENS) 10.2 and previous versions allows local users to bypass local security protection via a command-line utility.
Mcafee Application Control
Mcafee Endpoint Security
383
VMScore
CVE-2016-8011
Cross-site scripting vulnerability in Intel Security McAfee Endpoint Security (ENS) Web Control prior to 10.2.0.408.10 allows malicious users to inject arbitrary web script or HTML via a crafted web site.
Intel Security Mcafee Endpoint Security Web Control
365
VMScore
CVE-2016-3984
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) prior to 1.1.0.161, Agent (MA) 5.x prior to 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) prior to 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Pat...
Mcafee Active Response
Mcafee Data Loss Prevention Endpoint
Mcafee Data Exchange Layer
Mcafee Host Intrusion Prevention
Mcafee Virusscan Enterprise
Mcafee Agent
Mcafee Endpoint Security
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5