Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Maintenance Server Security Vulnerabilities

cve
cve

CVE-2023-50374

Server-Side Request Forgery (SSRF) vulnerability in NiteoThemes CMP – Coming Soon & Maintenance.This issue affects CMP – Coming Soon & Maintenance: from n/a through...

5.5CVSS

9.4AI Score

0.0004EPSS

2024-03-28 07:15 AM
30
cve
cve

CVE-2023-42419

Maintenance Server, in Cybellum's QCOW air-gapped distribution (China Edition), versions 2.15.5 through 2.27, was compiled with a hard-coded private cryptographic key. An attacker with administrative privileges & access to the air-gapped server could potentially use this key to run commands on the....

3.8CVSS

4.5AI Score

0.0004EPSS

2024-03-05 06:15 AM
44
cve
cve

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October...

7.5CVSS

8AI Score

0.732EPSS

2023-10-10 02:15 PM
2908
In Wild
cve
cve

CVE-2021-43106

A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online (TWO) 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the...

6.1CVSS

6.3AI Score

0.001EPSS

2022-02-14 08:15 PM
50
cve
cve

CVE-2021-43355

Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 allows user input to be validated on the client side without authentication by the server. The server should not rely on the correctness of the data because users might not support or block JavaScript or intentionally...

9.8CVSS

9.5AI Score

0.002EPSS

2022-01-21 07:15 PM
27
2
cve
cve

CVE-2021-23195

Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 has the option for automated indexing (directory listing) activated. When accessing a directory, a web server delivers its entire content in HTML form. If an index file does not exist and directory listing is enabled, all....

5.3CVSS

5.2AI Score

0.001EPSS

2022-01-21 07:15 PM
24
cve
cve

CVE-2018-19798

Fleetco Fleet Maintenance Management (FMM) 1.2 and earlier allows uploading an arbitrary ".php" file with the application/x-php Content-Type to the accidents_add.php?submit=1 URI, as demonstrated by the value_Images_1 field, which leads to remote command execution on the remote server. Any...

8.8CVSS

8.7AI Score

0.01EPSS

2020-03-02 09:15 PM
24
cve
cve

CVE-2007-2490

Unspecified vulnerability in LiveData Server before 5.00.62 allows remote attackers to cause a denial of service (exit) via crafted Connection-Oriented Transport Protocol (COTP)...

6.5AI Score

0.065EPSS

2007-05-03 11:19 PM
21
4