Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nedi vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-15032
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an malicious user to execute arbitrary JavaScript code via the Monitoring-Incidents.php id parameter.
Nedi Nedi 1.9c
5.4
CVSSv3
CVE-2020-15033
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an malicious user to execute arbitrary JavaScript code via the snmpget.php ip parameter.
Nedi Nedi 1.9c
5.4
CVSSv3
CVE-2020-15034
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an malicious user to execute arbitrary JavaScript code via the Monitoring-Setup.php tet parameter.
Nedi Nedi 1.9c
5.4
CVSSv3
CVE-2020-15035
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an malicious user to execute arbitrary JavaScript code via the Monitoring-Map.php hde parameter.
Nedi Nedi 1.9c
5.4
CVSSv3
CVE-2020-15036
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an malicious user to execute arbitrary JavaScript code via the Topology-Linked.php dv parameter.
Nedi Nedi 1.9c
5.4
CVSSv3
CVE-2020-15037
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an malicious user to execute arbitrary JavaScript code via the Reports-Devices.php page st[] parameter.
Nedi Nedi 1.9c
5.4
CVSSv3
CVE-2020-23989
NeDi 1.9C allows pwsec.php oid XSS.
Nedi Nedi 1.9c
8.8
CVSSv3
CVE-2021-26752
NeDi 1.9C allows an authenticated user to execute operating system commands in the Nodes Traffic function on the endpoint /Nodes-Traffic.php via the md or ag HTTP GET parameter. This allows an malicious user to obtain access to the operating system where NeDi is installed and to ...
Nedi Nedi 1.9c
8.8
CVSSv3
CVE-2021-26751
NeDi 1.9C allows an authenticated user to perform a SQL Injection in the Monitoring History function on the endpoint /Monitoring-History.php via the det HTTP GET parameter. This allows an malicious user to access all the data in the database and obtain access to the NeDi applicat...
Nedi Nedi 1.9c
9.9
CVSSv3
CVE-2021-26753
NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. This allows an malicious user to obtain access to the operating system where NeDi is installed and to all application data.
Nedi Nedi 1.9c
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »