Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web interface vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2010-4515
Cross-site scripting (XSS) vulnerability in Citrix Web Interface 5.0, 5.1, and 5.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2007-6477 and CVE-2009-2454.
Citrix Web Interface 5.0
Citrix Web Interface 5.3
Citrix Web Interface 5.1
Citrix Web Interface 5.2
4.3
CVSSv2
CVE-2009-2454
Cross-site scripting (XSS) vulnerability in Citrix Web Interface 4.6, 5.0, and 5.0.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Citrix Web Interface 4.6
Citrix Web Interface 5.0
Citrix Web Interface 5.0.1
3.5
CVSSv2
CVE-2006-6513
The CControl::Download function (/dl URI) in Winamp Web Interface (Wawi) 7.5.13 and previous versions allows remote authenticated users to download arbitrary file types under the root via a trailing "." (dot) in a filename in the file parameter, related to erroneous beh...
Flippet.org Winamp Web Interface
Flippet.org Winamp Web Interface 7.5.11
Flippet.org Winamp Web Interface 7.5.9
4
CVSSv2
CVE-2008-6830
The disconnection feature in Citrix Web Interface 5.0 and 5.0.1 for Java Application Servers does not properly terminate a user's web interface session, which allows attackers with access to the same browser instance to gain access to the user's Web Interface session. N...
Citrix Web Interface 5.0
Citrix Web Interface 5.0.1
4.3
CVSSv2
CVE-2007-6477
Cross-site scripting (XSS) vulnerability in the on-line help feature in Citrix Web Interface 2.0 and previous versions, and NFuse, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Citrix Web Interface
5
CVSSv2
CVE-2019-3737
Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are affected by an LFI vulnerability which may allow a malicious user to download arbitrary files from the affected system by sending a specially crafted request to the Web Interface application.
Dell Avamar Data Migration Enabler Web Interface 1.0.51
Dell Avamar Data Migration Enabler Web Interface 1.0.50
NA
CVE-2023-23614
Pi-hole®'s Web interface (based off of AdminLTE) provides a central location to manage your Pi-hole. Versions 4.0 and above, before 5.18.3 are vulnerable to Insufficient Session Expiration. Improper use of admin WEBPASSWORD hash as "Remember me for 7 days" cook...
Pi-hole Web Interface
1 Github repository
5
CVSSv2
CVE-2021-3706
adminlte is vulnerable to Sensitive Cookie Without 'HttpOnly' Flag
Pi-hole Web Interface
10
CVSSv2
CVE-2006-6454
execInBackground.php in J-OWAMP Web Interface 2.1b and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters to the (1) exe and (2) args parameters, which are used in an exec function call. NOTE: the provenance of this information ...
J-owamp Web Interface
3.5
CVSSv2
CVE-2006-6514
Winamp Web Interface (Wawi) 7.5.13 and previous versions uses an insufficient comparison to determine whether a directory is located below the application's root directory, which allows remote authenticated users to access certain other directories if the name of the root di...
Flippet.org Winamp Web Interface
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »