Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ipswitch vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2015-8261
The DroneDeleteOldMeasurements implementation in Ipswitch WhatsUp Gold prior to 16.4 does not properly validate serialized XML objects, which allows remote malicious users to conduct SQL injection attacks via a crafted SOAP request.
Ipswitch Whatsup Gold 16.3
1 EDB exploit
6.5
CVSSv3
CVE-2015-6004
Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold prior to 16.4 allow remote malicious users to execute arbitrary SQL commands via (1) the UniqueID (aka sUniqueID) parameter to WrFreeFormText.asp in the Reports component or (2) the Find Device parameter.
Ipswitch Whatsup Gold
6.9
CVSSv3
CVE-2015-6005
Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold prior to 16.4 allow remote malicious users to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap message, (3) the View Names field, (4) the Group Names field, (5) the Flow M...
Ipswitch Whatsup Gold
NA
CVE-2011-4722
Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote malicious users to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.
Ipswitch Tftp Server 1.0.0.24
1 EDB exploit
NA
CVE-2014-3878
Multiple cross-site scripting (XSS) vulnerabilities in the web client interface in Ipswitch IMail Server 12.3 and 12.4, possibly prior to 12.4.1.15, allow remote malicious users to inject arbitrary web script or HTML via (1) the Name field in an add new contact action in the Cont...
Ipswitch Imail Server 12.3
Ipswitch Imail Server 12.4
1 EDB exploit
NA
CVE-2012-2589
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4344. Reason: This candidate is a duplicate of CVE-2012-4344. Notes: All CVE users should reference CVE-2012-4344 instead of this candidate. All references and descriptions in this candidate have been removed...
1 EDB exploit
NA
CVE-2012-2601
SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch WhatsUp Gold 15.02 allows remote malicious users to execute arbitrary SQL commands via the sGroupList parameter.
Ipswitch Whatsup Gold 15.02
1 EDB exploit
NA
CVE-2012-4344
Cross-site scripting (XSS) vulnerability in Ipswitch WhatsUp Gold 15.02 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors involving the SNMP system name of the attacking host.
Ipswitch Whatsup Gold 15.02
1 EDB exploit
NA
CVE-2011-1430
The STARTTLS implementation in the server in Ipswitch IMail 11.03 and previous versions does not properly restrict I/O buffering, which allows man-in-the-middle malicious users to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after ...
Ipswitch Imail 8.22
Ipswitch Imail 8.11
Ipswitch Imail 6.1
Ipswitch Imail 6.0.2
Ipswitch Imail 6.0
Ipswitch Imail 6.0.1
Ipswitch Imail 7.0.5
Ipswitch Imail 7.0.2
Ipswitch Imail 7.0.3
Ipswitch Imail 8.0.3
Ipswitch Imail 8.0.5
Ipswitch Imail 11
Ipswitch Imail 10.02
Ipswitch Imail 6.00
Ipswitch Imail 6.06
Ipswitch Imail 2006.1
Ipswitch Imail 5.0.8
Ipswitch Imail 5.0.5
Ipswitch Imail 7.0.4
Ipswitch Imail 8.1
Ipswitch Imail 8.12
Ipswitch Imail 11.02
NA
CVE-2009-4775
Format string vulnerability in Ipswitch WS_FTP Professional 12 prior to 12.2 allows remote malicious users to cause a denial of service (crash) via format string specifiers in the status code portion of an HTTP response.
Ipswitch Ws Ftp 12.0
Ipswitch Ws Ftp 12.0.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »