Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
whatsup gold vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-0799
The HTTP daemon in Ipswitch WhatsUp Gold 8.03 and 8.03 Hotfix 1 allows remote malicious users to cause a denial of service (server crash) via a GET request containing an MS-DOS device name, as demonstrated using "prn.htm".
Ipswitch Whatsup Gold 7.0
Ipswitch Whatsup Gold 8.03
Ipswitch Whatsup Gold 8.03 Hotfix 1
Ipswitch Whatsup Gold 8.0
Ipswitch Whatsup Gold 8.01
Ipswitch Whatsup Gold 7.03
Ipswitch Whatsup Gold 7.04
7.5
CVSSv2
CVE-2004-0798
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold prior to 8.03 Hotfix 1 allows remote malicious users to execute arbitrary code via a long instancename parameter.
Ipswitch Whatsup Gold 8.01
Ipswitch Whatsup Gold 8.03
Ipswitch Whatsup Gold 7.04
Ipswitch Whatsup Gold 8.0
Ipswitch Whatsup Gold 7.0
Ipswitch Whatsup Gold 7.03
2 EDB exploits
4
CVSSv2
CVE-2022-29845
In Progress Ipswitch WhatsUp Gold 21.1.0 up to and including 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file.
Ipswitch Whatsup Gold 22.0.0
Ipswitch Whatsup Gold 21.1.0
Ipswitch Whatsup Gold 21.1.1
5
CVSSv2
CVE-2022-29846
In Progress Ipswitch WhatsUp Gold 16.1 up to and including 21.1.1, and 22.0.0, it is possible for an unauthenticated malicious user to obtain the WhatsUp Gold installation serial number.
Ipswitch Whatsup Gold 22.0.0
Ipswitch Whatsup Gold
4
CVSSv2
CVE-2022-29848
In Progress Ipswitch WhatsUp Gold 17.0.0 up to and including 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system.
Ipswitch Whatsup Gold
Ipswitch Whatsup Gold 22.0.0
5
CVSSv2
CVE-2022-29847
In Progress Ipswitch WhatsUp Gold 21.0.0 up to and including 21.1.1, and 22.0.0, it is possible for an unauthenticated malicious user to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host.
Ipswitch Whatsup Gold 22.0.0
Ipswitch Whatsup Gold
7.5
CVSSv2
CVE-2018-5778
An issue exists in Ipswitch WhatsUp Gold prior to 2017 Plus SP1 (17.1.1). Multiple SQL injection vulnerabilities are present in the legacy .ASP pages, which could allow malicious users to execute arbitrary SQL commands via unspecified vectors.
Ipswitch Whatsup Gold
NA
CVE-2023-6364
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within a dashboard component. If a WhatsUp Gold user interacts with the craft...
Progress Whatsup Gold
NA
CVE-2023-6365
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within a device group. If a WhatsUp Gold user interacts with the crafted pay...
Progress Whatsup Gold
NA
CVE-2023-6366
In WhatsUp Gold versions released prior to 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an malicious user to craft a XSS payload and store that value within Alert Center. If a WhatsUp Gold user interacts with the crafted paylo...
Progress Whatsup Gold
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »