Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
progress whatsup gold vulnerabilities and exploits
(subscribe to this query)
9.6
CVSSv3
CVE-2022-42711
In Progress WhatsUp Gold prior to 22.1.0, an SNMP MIB Walker application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated malicious user to execute arbitrary code in a victim's browser.
Progress Whatsup Gold
7.5
CVSSv3
CVE-2022-29847
In Progress Ipswitch WhatsUp Gold 21.0.0 up to and including 21.1.1, and 22.0.0, it is possible for an unauthenticated malicious user to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host.
Ipswitch Whatsup Gold 22.0.0
Ipswitch Whatsup Gold
6.5
CVSSv3
CVE-2022-29845
In Progress Ipswitch WhatsUp Gold 21.1.0 up to and including 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file.
Ipswitch Whatsup Gold 22.0.0
Ipswitch Whatsup Gold 21.1.0
Ipswitch Whatsup Gold 21.1.1
6.5
CVSSv3
CVE-2022-29848
In Progress Ipswitch WhatsUp Gold 17.0.0 up to and including 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system.
Ipswitch Whatsup Gold
Ipswitch Whatsup Gold 22.0.0
6.1
CVSSv3
CVE-2023-35759
In Progress WhatsUp Gold prior to 23.0.0, an SNMP-related application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated malicious user to execute arbitrary code in a victim's browser, aka XSS.
Progress Whatsup Gold
6.1
CVSSv3
CVE-2021-41318
In Progress WhatsUp Gold prior to version 21.1.0, an application endpoint failed to adequately sanitize malicious input. which could allow an unauthenticated malicious user to execute arbitrary code in a victim's browser.
Progress Whatsupgold
5.4
CVSSv3
CVE-2023-6364
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within a dashboard component. If a WhatsUp Gold user interacts with the craft...
Progress Whatsup Gold
5.4
CVSSv3
CVE-2023-6365
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within a device group. If a WhatsUp Gold user interacts with the crafted pay...
Progress Whatsup Gold
5.4
CVSSv3
CVE-2023-6366
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within Alert Center. If a WhatsUp Gold user interacts with the crafted paylo...
Progress Whatsup Gold
5.4
CVSSv3
CVE-2023-6367
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within Roles. If a WhatsUp Gold user interacts with the crafted payload, the...
Progress Whatsup Gold
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »