Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webctrl vulnerabilities and exploits
(subscribe to this query)
446
VMScore
CVE-2018-8819
An XXE issue exists in Automated Logic Corporation (ALC) WebCTRL Versions 6.0, 6.1 and 6.5. An unauthenticated attacker could enter malicious input to WebCTRL and a weakly configured XML parser will allow the application to disclose full file contents from the underlying web serv...
Carrier Automatedlogic Webctrl 6.0
Carrier Automatedlogic Webctrl 6.1
Carrier Automatedlogic Webctrl 6.5
383
VMScore
CVE-2021-31682
The login portal for the Automated Logic WebCTRL/WebCTRL OEM web application contains a vulnerability that allows for reflected XSS attacks due to the operatorlocale GET parameter not being sanitized. This issue impacts versions 6.5 and below. This issue works by passing in a bas...
Automatedlogic Webctrl
1 Github repository
383
VMScore
CVE-2020-19762
Automated Logic Corporation (ALC) WebCTRL System 6.5 and prior allows remote malicious users to execute any JavaScript code via a XSS payload for the first parameter in a GET request.
Carrier Webctrl System
516
VMScore
CVE-2022-1019
Automated Logic's WebCtrl Server Version 6.1 'Help' index pages are vulnerable to open redirection. The vulnerability allows an malicious user to send a maliciously crafted URL which could result in redirecting the user to a malicious webpage or downloading a malic...
Automatedlogic Webctrl Server
695
VMScore
CVE-2017-9644
An Unquoted Search Path or Element issue exists in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, Site...
Automatedlogic Sitescan Web
Carrier Automatedlogic Webctrl
Automatedlogic I-vu
1 EDB exploit
465
VMScore
CVE-2017-9650
An Unrestricted Upload of File with Dangerous Type issue exists in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC Web...
Automatedlogic Sitescan Web
Automatedlogic I-vu
Carrier Automatedlogic Webctrl
1 EDB exploit
655
VMScore
CVE-2017-9640
A Path Traversal issue exists in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web before 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prio...
Automatedlogic I-vu
Automatedlogic Sitescan Web
Carrier Automatedlogic Webctrl
1 EDB exploit
668
VMScore
CVE-2016-5795
An XXE issue exists in Automated Logic Corporation (ALC) Liebert SiteScan Web Version 6.5 and prior, ALC WebCTRL Version 6.5 and prior, and Carrier i-Vu Version 6.5 and prior. An attacker could enter malicious input to WebCTRL, i-Vu, or SiteScan Web through a weakly configured XM...
Automatedlogic I-vu
Automatedlogic Sitescan Web
Carrier Automatedlogic Webctrl
NA
CVE-2017-964030
Automated Logic WebCTRL version 6.1 suffers from path traversal and arbitrary file write vulnerabilities.
NA
CVE-2017-964430
Automated Logic WebCTRL version 6.5 suffers from an insecure file permission privilege escalation vulnerability.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started