Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wikidsystems 2fa enterprise server 4.2.0 vulnerabilities and exploits
(subscribe to this query)
580
VMScore
CVE-2019-17119
Multiple SQL injection vulnerabilities in Logs.jsp in WiKID 2FA Enterprise Server up to and including 4.2.0-b2053 allow authenticated users to execute arbitrary SQL commands via the source or subString parameter.
Wikidsystems Two Factor Authentication Enterprise Server
384
VMScore
CVE-2019-17120
A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server up to and including 4.2.0-b2047 allow remote malicious users to inject arbitrary web script or HTML via /WiKIDAdmin/adm_usrs.jsp. The usr parameter is vulnerable: the reflected cross-si...
Wikidsystems 2fa Enterprise Server 3.4.85
Wikidsystems 2fa Enterprise Server 3.4.87
Wikidsystems 2fa Enterprise Server 3.5.0
Wikidsystems 2fa Enterprise Server 4.0
Wikidsystems 2fa Enterprise Server 4.0.1
Wikidsystems 2fa Enterprise Server 4.1.0
Wikidsystems 2fa Enterprise Server 4.2.0
Wikidsystems 2fa Enterprise Server 3.6.0
Wikidsystems 2fa Enterprise Server 4.0.2
Wikidsystems 2fa Enterprise Server 3.4.81
384
VMScore
CVE-2019-17116
A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server up to and including 4.2.0-b2047 allow remote malicious users to inject arbitrary web script or HTML via /WiKIDAdmin/groups.jsp. The groupName parameter is vulnerable: the reflected cros...
Wikidsystems Two Factor Authentication Enterprise Server
580
VMScore
CVE-2019-16917
WiKID Enterprise 2FA (two factor authentication) Enterprise Server up to and including 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, unsanitized, in a SQL query constructed in the buildSearchWhereClause ...
Wikidsystems Two Factor Authentication Enterprise Server
384
VMScore
CVE-2019-17115
Multiple cross-site scripting (XSS) vulnerabilities in WiKID 2FA Enterprise Server up to and including 4.2.0-b2047 allow remote malicious users to inject arbitrary web script or HTML that is triggered when Logs.jsp is visited. The rendered_message column is retrieved and displaye...
Wikidsystems Two Factor Authentication Enterprise Server
606
VMScore
CVE-2019-17118
A CSRF issue in WiKID 2FA Enterprise Server up to and including 4.2.0-b2053 allows a remote malicious user to trick an authenticated user into performing unintended actions such as (1) create or delete admin users; (2) create or delete groups; or (3) create, delete, enable, or di...
Wikidsystems 2fa Enterprise Server 3.4.87
Wikidsystems 2fa Enterprise Server 3.5.0
Wikidsystems 2fa Enterprise Server 3.6.0
Wikidsystems 2fa Enterprise Server 4.0.1
Wikidsystems 2fa Enterprise Server 4.0.2
Wikidsystems 2fa Enterprise Server 4.2.0
Wikidsystems 2fa Enterprise Server 3.4.81
Wikidsystems 2fa Enterprise Server 3.4.85
Wikidsystems 2fa Enterprise Server 4.1.0
Wikidsystems 2fa Enterprise Server 4.0
384
VMScore
CVE-2019-17114
A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server up to and including 4.2.0-b2047 allows remote malicious users to inject arbitrary web script or HTML via /WiKIDAdmin/userPreregistration.jsp. The preRegistrationData parameter is vulner...
Wikidsystems Two Factor Authentication Enterprise Server
580
VMScore
CVE-2019-17117
A SQL injection vulnerability in processPref.jsp in WiKID 2FA Enterprise Server up to and including 4.2.0-b2053 allows an authenticated user to execute arbitrary SQL commands via the processPref.jsp key parameter.
Wikidsystems 2fa Enterprise Server 3.5.0
Wikidsystems 2fa Enterprise Server 3.4.85
Wikidsystems 2fa Enterprise Server 4.0
Wikidsystems 2fa Enterprise Server 4.0.1
Wikidsystems 2fa Enterprise Server 4.1.0
Wikidsystems 2fa Enterprise Server 4.2.0
Wikidsystems 2fa Enterprise Server 4.0.2
Wikidsystems 2fa Enterprise Server 3.4.87
Wikidsystems 2fa Enterprise Server 3.6.0
Wikidsystems 2fa Enterprise Server 3.4.81
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started