web console vulnerabilities and exploits
NA
CVE-2023-42787
A client-side enforcement of server-side security [CWE-602] vulnerability in Fortinet FortiManager version 7.4.0 and prior to 7.2.3 and FortiAnalyzer version 7.4.0 and prior to 7.2.3 may allow a remote attacker with low privileges to access a privileged web console via client sid...
Fortinet Fortianalyzer
Fortinet Fortimanager
Fortinet Fortianalyzer 7.4.0
Fortinet Fortimanager 7.4.0
NA
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
34 Github repositories
2 Articles
NA
CVE-2023-23840
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.
Solarwinds Orion Platform
NA
CVE-2023-23845
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.
Solarwinds Orion Platform
NA
CVE-2023-4803
A reflected cross-site scripting vulnerability in the WriteWindowTitle endpoint of the Insider Threat Management (ITM) Server's web console could be used by an authenticated administrator to run arbitrary JavaScript within another web console administrator's browser. Al...
Proofpoint Insider Threat Management
NA
CVE-2023-4802
A reflected cross-site scripting vulnerability in the UpdateInstalledSoftware endpoint of the Insider Threat Management (ITM) Server's web console could be used by an authenticated administrator to run arbitrary JavaScript within another web console administrator's brow...
Proofpoint Insider Threat Management
NA
CVE-2023-36497
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 could allow a guest user to elevate to admin privileges.
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.1
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.2
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.3
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.6.1
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.11
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.0
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.2
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.3
NA
CVE-2023-38256
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 are vulnerable to a path traversal attack, which could allow a malicious user to access files stored on the system.
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.1
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.2
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.3
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.6.1
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.11
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.0
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.2
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.3
NA
CVE-2023-41256
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 are vulnerable to authentication bypass that could allow an unauthorized malicious user to obtain user access.
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.1
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.2
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.3
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.6.1
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.11
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.0
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.2
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.3
NA
CVE-2023-39362
Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user can use a malicious string in the SNMP options of a Device, performing command injection and obtaining remote code execution...
Cacti Cacti
Fedoraproject Fedora 37
Fedoraproject Fedora 38
2 Github repositories