Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
leostream connection broker vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2020-26574
Leostream Connection Broker 8.2.x is affected by stored XSS. An unauthenticated attacker can inject arbitrary JavaScript code via the webquery.pl User-Agent HTTP header. It is rendered by the admins the next time they log in. The JavaScript injected can be used to force the admin...
Leostream Connection Broker
6.5
CVSSv2
CVE-2021-41550
Leostream Connection Broker 9.0.40.17 allows administrator to upload and execute Perl code.
Leostream Connection Broker 9.0.40.17
5
CVSSv2
CVE-2018-18817
The Leostream Agent before Build 7.0.1.0 when used with Leostream Connection Broker 8.2.72 or earlier allows remote malicious users to modify registry keys via the Leostream Agent API.
Leostream Connection Broker
Leostream Agent
4.3
CVSSv2
CVE-2021-38157
LeoStream Connection Broker 9.x prior to 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Leostream Connection Broker
4
CVSSv2
CVE-2021-41551
Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link.
Leostream Connection Broker 9.0.40.17
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started