Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
personal web server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-2904
The External Visitor Manager portal of HID’s SAFE versions 5.8.0 up to and including 5.11.3 are vulnerable to manipulation within web fields in the application programmable interface (API). An attacker could log in using account credentials available through a request gener...
Hidglobal Safe
NA
CVE-2022-38756
A vulnerability has been identified in Micro Focus GroupWise Web in versions before 18.4.2. The GW Web component makes a request to the Post Office Agent that contains sensitive information in the query parameters that could be logged by any intervening HTTP proxies.
Microfocus Groupwise
5
CVSSv2
CVE-2022-1166
The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/ folder, as it did not include a default PHP file, or .htaccess file. This could expose personal data such as people's resumes. Although Directory Listing can be prevented by secur...
Nootheme Jobmonster
4.3
CVSSv2
CVE-2021-3150
A cross-site scripting (XSS) vulnerability on the Delete Personal Data page in Cryptshare Server prior to 4.8.0 allows an malicious user to inject arbitrary web script or HTML via the user name. The issue is fixed with the version 4.8.1
Cryptshare Cryptshare Server
4.3
CVSSv2
CVE-2013-4653
Multiple cross-site scripting (XSS) vulnerabilities in the signin functionality of ics in MyTeamwork services in Alcatel-Lucent Omnitouch 8660 My Teamwork prior to 6.7, Omnitouch 8670 Automated Message Delivery System (AMDS) prior to 6.7, Omnitouch 8460 Advanced Communication Ser...
Alcatel-lucent Omnitouch 8670 Automated Delivery Message Delivery System
Alcatel-lucent Omnitouch 8660 My Teamwork
Alcatel-lucent Omnitouch 8400 Instant Communications Suite
Alcatel-lucent Omnitouch 8460 Advanced Communication Server
6.8
CVSSv2
CVE-2008-6573
Multiple SQL injection vulnerabilities in Avaya SIP Enablement Services (SES) in Avaya Avaya Communication Manager 3.x, 4.0, and 5.0 (1) allow remote malicious users to execute arbitrary SQL commands via unspecified vectors related to profiles in the SIP Personal Information Mana...
Avaya Communication Manager 5.0
Avaya Communication Manager 3.1.4
Avaya Communication Manager 3.1.2
Avaya Communication Manager 3.1.5
Avaya Communication Manager 3.1.1
Avaya Communication Manager 4.0
Avaya Communication Manager
Avaya Communication Manager 3.1.3
3.5
CVSSv2
CVE-2007-1467
Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator...
Cisco Unified Video Advantage
Cisco Unified Videoconferencing Manager
Cisco Vpn Client 3.5.2
Cisco Vpn Client 3.5.1
Cisco Vpn Client 3.6.1
Cisco Unified Personal Communicator
Cisco Wireless Lan Solution Engine
Cisco Ip Communicator
Cisco Vpn Client 3.6
Cisco Unified Meetingplace
Cisco Ciscoworks
Cisco Vpn Client 4.0.2c
Cisco Vpn Client 4.0.2a
Cisco Wan Manager
Cisco Wireless Control System 4.0
Cisco Vpn Client 3.5.4
Cisco Network Analysis Module
Cisco Security Device Manager
Cisco Vpn Client 3.5.2b
Cisco Acs Solution Engine 4.1
Cisco Vpn Client 4.8.1
Cisco Unified Videoconferencing
4.3
CVSSv2
CVE-2005-3204
Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote malicious users to inject arbitrary web script or HTML via the query string in an HTTP request.
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Application Server 9.0.2.1
Oracle Oracle9i Personal 9.0.4
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle Oracle9i Client 9.2.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle9i Personal 9.0.1.5
Oracle Oracle9i Standard 9.0.1
Oracle Oracle9i Standard 9.2.0.3
Oracle Oracle9i Enterprise 9.2.0.2
Oracle Oracle9i Enterprise 9.2.0.4
Oracle Oracle9i Enterprise 9.0.1.5
Oracle Oracle9i Personal 9.2
Oracle Oracle9i Standard 9.0
Oracle Application Server 9.0.2.3
Oracle Oracle9i Standard 9.0.1.5 Fips
Oracle Oracle9i Enterprise 9.0.1.5 Fips
1 EDB exploit
5
CVSSv2
CVE-2005-0356
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote malicious users to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard late...
Cisco Secure Access Control Server 3.2
Cisco Mgx 8230 1.2.11
Cisco Mgx 8250 1.2.10
Cisco Secure Access Control Server 3.2.2
Cisco Personal Assistant 1.3(2)
Cisco Unity Server 2.2
Cisco Secure Access Control Server 2.4
Cisco Secure Access Control Server 3.1.1
Cisco Personal Assistant 1.3(4)
Cisco Unity Server 3.0
Cisco Secure Access Control Server 2.6.3
Cisco Interactive Voice Response
Cisco Secure Access Control Server 2.42
Cisco Call Manager 3.0
Cisco Call Manager 3.1(3a)
Cisco Secure Access Control Server 3.3.2
Cisco Unity Server 3.1
Cisco Call Manager 1.0
Cisco Unity Server 3.3
Cisco Personal Assistant 1.3(3)
Cisco Secure Access Control Server 2.1
Cisco Secure Access Control Server 3.3(1)
1 EDB exploit
5
CVSSv2
CVE-2005-1662
Directory traversal vulnerability in Jeuce Personal Web Server 2.13 allows remote malicious users to read arbitrary files via a .. (dot dot) in the URL.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »