Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ipswitch vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-12639
Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote malicious users to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETRE or ETCTERARED.
Ipswitch Imail Server
8.8
CVSSv3
CVE-2015-7678
Multiple cross-site request forgery (CSRF) vulnerabilities in Ipswitch MOVEit Mobile 1.2.0.962 and previous versions allow remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Ipswitch Moveit Mobile
6.1
CVSSv3
CVE-2015-7679
Cross-site scripting (XSS) vulnerability in Ipswitch MOVEit Mobile prior to 1.2.2 allows remote malicious users to inject arbitrary web script or HTML via the query string to mobile/.
Ipswitch Moveit Mobile
9.4
CVSSv3
CVE-2019-16383
MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 prior to 10.2.4, 2019 prior to 11.0.2, and 2019.1 prior to 11.1.1 allows an unauthenticated malicious user to gain unauthorized access to the database. Depending on the database engine being used (MySQL, Microsoft SQL Ser...
Ipswitch Moveit Transfer
NA
CVE-2006-2531
Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote malicious users to spoof being a trusted console and bypass authentication by setting HTTP User-Agent header to "Ipswitch/1.0" and the User-Application header...
Ipswitch Whatsup Professional 2006
1 EDB exploit
7.5
CVSSv3
CVE-2005-2160
IMail stores usernames and passwords in cleartext in a cookie, which allows remote malicious users to obtain sensitive information.
Ipswitch Imail 2006
NA
CVE-2005-1250
SQL injection vulnerability in the logon screen of the web front end (NmConsole/Login.asp) for IpSwitch WhatsUp Professional 2005 SP1 allows remote malicious users to execute arbitrary SQL commands via the (1) User Name field (sUserName parameter) or (2) Password (sPassword param...
Ipswitch Whatsup Professional 2005 Sp1
1 EDB exploit
7.8
CVSSv3
CVE-2017-16513
Ipswitch WS_FTP Professional prior to 12.6.0.3 has buffer overflows in the local search field and the backup locations field, aka WSCLT-1729.
Ipswitch Ws Ftp
1 EDB exploit
NA
CVE-2007-4555
Cross-site scripting (XSS) vulnerability in Ipswitch WS_FTP allows remote malicious users to inject arbitrary web script or HTML via arguments to a valid command, which is not properly handled when it is displayed by the view log option in the administration interface. NOTE: this...
Ipswitch Ws Ftp
5.4
CVSSv3
CVE-2015-7676
Ipswitch MOVEit File Transfer (formerly DMZ) 8.1 and previous versions, when configured to support file view on download, allows remote authenticated users to conduct cross-site scripting (XSS) attacks by uploading HTML files.
Ipswitch Moveit Dmz
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »