Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web console vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2012-3296
Cross-site scripting (XSS) vulnerability in the Help link in the login panel in IBM Power Hardware Management Console (HMC) 7R7.1.0 before SP4, 7R7.2.0 before SP2, and 7R7.3.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Power Hardware Management Console 7r7.3.0
Ibm Power Hardware Management Console 7r7.1.0
Ibm Power Hardware Management Console 7r7.2.0
384
VMScore
CVE-2020-13174
The web server in the Teradici Managament console versions 20.04 and 20.01.1 did not properly set the X-Frame-Options HTTP header, which could allow an malicious user to trick a user into clicking a malicious link via clickjacking.
Teradici Pcoip Management Console 20.01.1
Teradici Pcoip Management Console 20.04
435
VMScore
CVE-2014-3080
Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware prior to 1.20.20.23447 allow remote malicious users to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the key parameter to avct...
Ibm Global Console Manager 16 Firmware
Ibm Global Console Manager 32 Firmware
1 EDB exploit
312
VMScore
CVE-2013-4022
IBM Data Studio Web Console 3.x prior to 3.2, Optim Performance Manager 5.x prior to 5.2, InfoSphere Optim Configuration Manager 2.x prior to 2.2, and DB2 Recovery Expert 2.x store unspecified authentication information in a cookie, which allows remote authenticated users to bypa...
Ibm Db2 Recovery Expert 2.0
Ibm Infosphere Optim Configuration Manager 2.0
Ibm Optim Performance Manager 5.1.0
Ibm Infosphere Optim Configuration Manager 2.1
Ibm Data Studio Web Console 3.1.0
383
VMScore
CVE-2013-4024
IBM Data Studio Web Console 3.x prior to 3.2, Optim Performance Manager 5.x prior to 5.2, InfoSphere Optim Configuration Manager 2.x prior to 2.2, and DB2 Recovery Expert 2.x support HTTP access to the Web Console, which allows remote malicious users to read session cookies by sn...
Ibm Db2 Recovery Expert 2.0
Ibm Infosphere Optim Configuration Manager 2.0
Ibm Infosphere Optim Configuration Manager 2.1
Ibm Data Studio Web Console 3.1.0
Ibm Optim Performance Manager 5.1.0
169
VMScore
CVE-2013-4025
IBM Data Studio Web Console 3.x prior to 3.2, Optim Performance Manager 5.x prior to 5.2, InfoSphere Optim Configuration Manager 2.x prior to 2.2, and DB2 Recovery Expert 2.x do not have an off autocomplete attribute for the login-password field, which makes it easier for remote ...
Ibm Infosphere Optim Configuration Manager 2.1
Ibm Data Studio Web Console 3.1.0
Ibm Db2 Recovery Expert 2.0
Ibm Infosphere Optim Configuration Manager 2.0
Ibm Optim Performance Manager 5.1.0
445
VMScore
CVE-2022-24856
FlyteConsole is the web user interface for the Flyte platform. FlyteConsole prior to version 0.52.0 is vulnerable to server-side request forgery (SSRF) when FlyteConsole is open to the general internet. An attacker can exploit any user of a vulnerable instance to access the inter...
Flyte Flyte Console
383
VMScore
CVE-2013-4770
Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x prior to 4.0.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Eucalyptus Eucalyptus Management Console
605
VMScore
CVE-2014-5039
Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x prior to 4.0.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Eucalyptus Eucalyptus Management Console
355
VMScore
CVE-2018-10078
Cross-site scripting (XSS) vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via a server description.
Vertiv Watchdog Console 3.2.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »