Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web console vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2023-23840
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.
Solarwinds Orion Platform
7.2
CVSSv3
CVE-2023-23845
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.
Solarwinds Orion Platform
4.8
CVSSv3
CVE-2023-4802
A reflected cross-site scripting vulnerability in the UpdateInstalledSoftware endpoint of the Insider Threat Management (ITM) Server's web console could be used by an authenticated administrator to run arbitrary javascript within another web console administrator's brow...
Proofpoint Insider Threat Management
4.8
CVSSv3
CVE-2023-4803
A reflected cross-site scripting vulnerability in the WriteWindowTitle endpoint of the Insider Threat Management (ITM) Server's web console could be used by an authenticated administrator to run arbitrary javascript within another web console administrator's browser. Al...
Proofpoint Insider Threat Management
8.8
CVSSv3
CVE-2023-36497
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 could allow a guest user to elevate to admin privileges.
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.1
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.2
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.3
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.6.1
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.11
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.0
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.2
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.3
7.5
CVSSv3
CVE-2023-38256
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 vulnerable to a path traversal attack, which could allow an malicious user to access files stored on the system.
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.1
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.2
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.3
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.6.1
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.11
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.0
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.2
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.3
9.1
CVSSv3
CVE-2023-41256
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 are vulnerable to authentication bypass that could allow an unauthorized malicious user to obtain user access.
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.1
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.2
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.5.3
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.6.1
Doverfuelingsolutions Maglink Lx Web Console Configuration 2.11
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.0
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.2
Doverfuelingsolutions Maglink Lx Web Console Configuration 3.3
7.2
CVSSv3
CVE-2023-39362
Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user, can use a malicious string in the SNMP options of a Device, performing command injection and obtaining remote code execution...
Cacti Cacti
Fedoraproject Fedora 37
Fedoraproject Fedora 38
2 Github repositories
5.4
CVSSv3
CVE-2023-39364
Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, users with console access can be redirected to an arbitrary website after a change password performed via a specifically crafted URL. The `auth_changepassword.php` file accepts `ref` a...
Cacti Cacti 1.2.24
Fedoraproject Fedora 37
Fedoraproject Fedora 38
7.2
CVSSv3
CVE-2023-23842
The SolarWinds Network Configuration Manager was susceptible to the Directory Traversal Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands.
Solarwinds Network Configuration Monitor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »