Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web interface vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4515
Cross-site scripting (XSS) vulnerability in Citrix Web Interface 5.0, 5.1, and 5.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2007-6477 and CVE-2009-2454.
Citrix Web Interface 5.0
Citrix Web Interface 5.3
Citrix Web Interface 5.1
Citrix Web Interface 5.2
NA
CVE-2009-2454
Cross-site scripting (XSS) vulnerability in Citrix Web Interface 4.6, 5.0, and 5.0.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Citrix Web Interface 4.6
Citrix Web Interface 5.0
Citrix Web Interface 5.0.1
NA
CVE-2006-6513
The CControl::Download function (/dl URI) in Winamp Web Interface (Wawi) 7.5.13 and previous versions allows remote authenticated users to download arbitrary file types under the root via a trailing "." (dot) in a filename in the file parameter, related to erroneous beh...
Flippet.org Winamp Web Interface
Flippet.org Winamp Web Interface 7.5.11
Flippet.org Winamp Web Interface 7.5.9
NA
CVE-2008-6830
The disconnection feature in Citrix Web Interface 5.0 and 5.0.1 for Java Application Servers does not properly terminate a user's web interface session, which allows attackers with access to the same browser instance to gain access to the user's Web Interface session. N...
Citrix Web Interface 5.0
Citrix Web Interface 5.0.1
NA
CVE-2007-6477
Cross-site scripting (XSS) vulnerability in the on-line help feature in Citrix Web Interface 2.0 and previous versions, and NFuse, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Citrix Web Interface
7.5
CVSSv3
CVE-2019-3737
Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are affected by an LFI vulnerability which may allow a malicious user to download arbitrary files from the affected system by sending a specially crafted request to the Web Interface application.
Dell Avamar Data Migration Enabler Web Interface 1.0.51
Dell Avamar Data Migration Enabler Web Interface 1.0.50
NA
CVE-2006-6454
execInBackground.php in J-OWAMP Web Interface 2.1b and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters to the (1) exe and (2) args parameters, which are used in an exec function call. NOTE: the provenance of this information ...
J-owamp Web Interface
6.1
CVSSv3
CVE-2022-41434
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /lilac/main.php.
Eyesofnetwork Web Interface 5.3
4.8
CVSSv3
CVE-2022-41432
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/report_event/index.php.
Eyesofnetwork Web Interface 5.3
7.5
CVSSv3
CVE-2021-3706
adminlte is vulnerable to Sensitive Cookie Without 'HttpOnly' Flag
Pi-hole Web Interface
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »