Lucene search
K

153 matches found

CVE
CVE
added 2017/09/19 3:0 p.m.50 views

CVE-2014-9610

Netsweeper versions affected: before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2. A remote attacker can bypass authentication and remove IP addresses from quarantine by supplying the ip parameter to webadmin/user/quarantine_disable.php. This is an authentication bypass vulnerability that a...

5.3CVSS5.8AI score0.03732EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2017/09/19 3:0 p.m.20 views

CVE-2014-9618

The Client Filter Admin portal in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and subsequently create arbitrary profiles via a showdeny action to the default URL...

9.6AI score0.73312EPSS
Exploits3References2
Cvelist
Cvelist
added 2017/09/19 3:0 p.m.17 views

CVE-2014-9610

Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and remove IP addresses from the quarantine via the ip parameter to webadmin/user/quarantinedisable.php...

5.9AI score0.03732EPSS
Exploits3References2
CVE
CVE
added 2017/09/19 3:0 p.m.52 views

CVE-2014-9619

CVE-2014-9619 affects Netsweeper Webadmin: unrestricted file upload via webadmin/ajaxfilemanager/ajaxfilemanager.php. An authenticated admin can upload a file with a double extension and, by requesting it from webadmin/deny/images/, execute arbitrary PHP code (e.g., secuid0.php.gif). Affected ver...

7.2CVSS7.3AI score0.07352EPSS
Exploits3References2Affected Software1
CNVD
CNVD
added 2015/09/09 12:0 a.m.7 views

Netsweeper WebUpgrade Authorization Issues Vulnerability

Netsweeper is a Web content filtering solution from Netsweeper Canada. A security vulnerability exists in Netsweeper's WebUpgrade that stems from the webupgrade/webupgrade.php script failing to adequately filter the 'login' and 'password ' parameters. A remote attacker can exploit the vulnerabili...

9.4CVSS7.1AI score0.03935EPSS
Exploits4References1
NVD
NVD
added 2015/09/04 3:59 p.m.27 views

CVE-2014-9605

WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and create a system backup tarball, restart the server, or stop the filters on the server via a ' single quote character in the login and password parameters to...

9.4CVSS7.8AI score0.03935EPSS
Exploits4References4
Prion
Prion
added 2015/09/04 3:59 p.m.19 views

Sql injection

WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and create a system backup tarball, restart the server, or stop the filters on the server via a ' single quote character in the login and password parameters to...

9.4CVSS8.6AI score0.03935EPSS
Exploits4References4Affected Software1
Cvelist
Cvelist
added 2015/09/04 3:0 p.m.26 views

CVE-2014-9605

WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and create a system backup tarball, restart the server, or stop the filters on the server via a ' single quote character in the login and password parameters to...

10AI score0.03935EPSS
Exploits4References4
CVE
CVE
added 2015/09/04 3:0 p.m.71 views

CVE-2014-9605

CVE-2014-9605 concerns Netsweeper WebUpgrade where insufficient filtering of the login/password inputs (single quote) allows remote attackers to bypass authentication in Netsweeper versions before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2. Successful bypass enables actions such as creati...

9.4CVSS9.9AI score0.03935EPSS
Exploits4References4Affected Software1
seebug.org
seebug.org
added 2015/09/02 12:0 a.m.20 views

Netsweeper 4.0.8 - Authentication Bypass

No description provided by source...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2015/08/26 12:0 a.m.11 views

Netsweeper Detection (HTTP)

Detection of Netsweeper. This script performs a HTTP based detection of Netsweeper. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

7.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2015/08/25 12:0 a.m.27 views

Netsweeper Multiple Vulnerabilities (Aug 2015)

Netsweeper is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:netsweeper:netsweeper";...

9.8CVSS6.2AI score0.07352EPSS
Exploits12References4
exploitpack
exploitpack
added 2015/08/21 12:0 a.m.41 views

Netsweeper 4.0.8 - Authentication Bypass (via New Profile Creation)

Netsweeper 4.0.8 - Authentication Bypass via New Profile Creation +-----------------------------------------------------------------+ + Netsweeper 4.0.8 - Authentication Bypass New Profile Creation + +-----------------------------------------------------------------+ Affected Product: Netsweeper...

7.5CVSS0.1AI score0.73312EPSS
Exploits3
exploitpack
exploitpack
added 2015/08/21 12:0 a.m.45 views

Netsweeper 3.0.6 - Authentication Bypass

Netsweeper 3.0.6 - Authentication Bypass +------------------------------------------------------------------------+ + Netsweeper 3.0.6 - Authentication Bypass Account and Policy Creation + +------------------------------------------------------------------------+ Affected Product: Netsweeper Vend...

7.5CVSS0.1AI score0.1268EPSS
Exploits4
exploitpack
exploitpack
added 2015/08/21 12:0 a.m.33 views

Netsweeper 4.0.8 - Authentication Bypass (via Disabling of IP Quarantine)

Netsweeper 4.0.8 - Authentication Bypass via Disabling of IP Quarantine +-----------------------------------------------------------------------+ + Netsweeper 4.0.8 - Authentication Bypass Disabling of IP Quarantine + +-----------------------------------------------------------------------+...

5CVSS1.2AI score0.03732EPSS
Exploits3
exploitpack
exploitpack
added 2015/08/21 12:0 a.m.26 views

Netsweeper 4.0.4 - SQL Injection

Netsweeper 4.0.4 - SQL Injection +----------------------------------+ + Netsweeper 4.0.4 - SQL Injection + +----------------------------------+ Affected Product: Netsweeper Vendor Homepage : www.netsweeper.com Version : 4.0.4 and probably other versions Discovered by : Anastasios Monachos secuid0...

7.5CVSS0.5AI score0.04872EPSS
Exploits3
exploitpack
exploitpack
added 2015/08/21 12:0 a.m.47 views

Netsweeper 4.0.8 - Arbitrary File Upload Execution

Netsweeper 4.0.8 - Arbitrary File Upload Execution +--------------------------------------------------------+ + Netsweeper 4.0.8 - Arbitrary File Upload and Execution + +--------------------------------------------------------+ Affected Product: Netsweeper Vendor Homepage : www.netsweeper.com...

6.5CVSS0.2AI score0.07352EPSS
Exploits3
exploitpack
exploitpack
added 2015/08/21 12:0 a.m.27 views

Netsweeper 4.0.9 - Arbitrary File Upload Execution

Netsweeper 4.0.9 - Arbitrary File Upload Execution +--------------------------------------------------------+ + Netsweeper 4.0.9 - Arbitrary File Upload and Execution + +--------------------------------------------------------+ Affected Product: Netsweeper Vendor Homepage : www.netsweeper.com...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2015/08/21 12:0 a.m.38 views

Netsweeper 2.6.29.8 - SQL Injection

Netsweeper 2.6.29.8 - SQL Injection +-------------------------------------+ + Netsweeper 2.6.29.8 - SQL Injection + +-------------------------------------+ Affected Product: Netsweeper Vendor Homepage : www.netsweeper.com Version : 2.6.29.8 and probably other versions Discovered by : Anastasios...

7.5CVSS0.4AI score0.04064EPSS
Exploits3
exploitpack
exploitpack
added 2015/08/21 12:0 a.m.40 views

Netsweeper 4.0.8 - SQL Injection Authentication Bypass

Netsweeper 4.0.8 - SQL Injection Authentication Bypass +----------------------------------------------------------------+ + Netsweeper 4.0.8 - SQL Injection Authentication Bypass Admin + +----------------------------------------------------------------+ Affected Product: Netsweeper Vendor Homepag...

9.4CVSS1.7AI score0.03935EPSS
Exploits4
Rows per page
Query Builder