Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web gateway vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-2325
Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway prior to 3.1-5829 allow remote malicious users to inject arbitrary web script or HTML via the (1) state parameter to objects/who/index.htm or (2) User email address to quarantine/spam/manage.htm.
Proxmox Mail Gateway 3.1-5670
Proxmox Mail Gateway
Proxmox Mail Gateway 3.1-5673
Proxmox Mail Gateway 3.0
Proxmox Mail Gateway 3.1
NA
CVE-2009-0063
Cross-site scripting (XSS) vulnerability in the Control Center in Symantec Brightmail Gateway Appliance prior to 8.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Symantec Brightmail Gateway Appliance
Symantec Brightmail Gateway Appliance 7.7
Symantec Brightmail Gateway Appliance 7.6
Symantec Brightmail Gateway Appliance 7.5
NA
CVE-2010-2892
gsb/drivers.php in LANDesk Management Gateway 4.0 up to and including 4.0-1.48 and 4.2 up to and including 4.2-1.8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the DRIVES parameter, as demonstrated by a cross-site request fo...
Landesk Management Gateway 4.0-1.48
Landesk Management Gateway 4.0
Landesk Management Gateway 4.2-1.8
Landesk Management Gateway 4.2
1 EDB exploit
NA
CVE-2007-0011
The web portal interface in Citrix Access Gateway (aka Citrix Advanced Access Control) before Advanced Edition 4.5 HF1 places a session ID in the URL, which allows context-dependent malicious users to hijack sessions by reading "residual information", including the a re...
Citrix Access Gateway 4.2
Citrix Access Gateway 4.5
Citrix Access Gateway 4.0
6.5
CVSSv3
CVE-2016-5765
Administrative Server in Micro Focus Host Access Management and Security Server (MSS) and Reflection for the Web (RWeb) and Reflection Security Gateway (RSG) and Reflection ZFE (ZFE) allows remote unauthenticated malicious users to read arbitrary files via a specially crafted URL...
Microfocus Host Access Management And Security Server 12.3
Microfocus Reflection Zfe 2.0.0.52
Microfocus Host Access Management And Security Server 12.2
Microfocus Reflection For The Web 12.3
Microfocus Reflection For The Web 12.1
Microfocus Reflection For The Web 12.2
Microfocus Reflection Zfe 1.4.0.14
Microfocus Reflection Zfe 2.0.1.18
Microfocus Reflection Security Gateway 12.1
NA
CVE-2002-0561
The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null authentication, which allows remote malicious users to gain privileges and modify DAD settings.
Oracle Application Server 1.0.2
Oracle Application Server Web Cache 2.0.0.0
Oracle Oracle9i 9.0.1
Oracle Application Server Web Cache 2.0.0.1
Oracle Application Server Web Cache 2.0.0.2
Oracle Oracle8i 8.1.7 .1
Oracle Oracle9i 9.0
Oracle Application Server Web Cache 2.0.0.3
Oracle Oracle8i 8.1.7
NA
CVE-2008-4485
Cross-site scripting (XSS) vulnerability in the ICAP patience page in Blue Coat Security Gateway OS (SGOS) 4.2 prior to 4.2.9, 5.2 prior to 5.2.5, and 5.3 prior to 5.3.1.7 allows remote malicious users to inject arbitrary web script or HTML via the URL.
Bluecoat Security Gateway Os 4.2
Bluecoat Security Gateway Os 5.2
Bluecoat Security Gateway Os 5.3
5.4
CVSSv3
CVE-2022-32750
IBM DataPower Gateway 10.0.2.0 up to and including 10.0.4.0, 10.0.1.0 up to and including 10.0.1.8, 10.5.0.0, and 2018.4.1.0 up to and including 2018.4.1.21 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thu...
Ibm Datapower Gateway
Ibm Datapower Gateway 10.5.0.0
5.4
CVSSv3
CVE-2022-31774
IBM DataPower Gateway 10.0.2.0 up to and including 10.0.4.0, 10.0.1.0 up to and including 10.0.1.8, 10.5.0.0, and 2018.4.1.0 up to and including 2018.4.1.21 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thu...
Ibm Datapower Gateway
Ibm Datapower Gateway 10.5.0.0
NA
CVE-2013-5916
Cross-site scripting (XSS) vulnerability in falha.php in the Bradesco Gateway plugin 2.0 for Wordpress, as used in the WP e-Commerce plugin, allows remote malicious users to inject arbitrary web script or HTML via the QUERY_STRING.
Bradesco Gateway Plugin Project Bradesco Gateway 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »