Lucene search
K

9 matches found

NVD
NVD
added 2013/05/08 12:9 p.m.20 views

CVE-2013-3511

Open redirect vulnerability in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

5.8CVSS6.7AI score0.01341EPSS
Exploits0References3
NVD
NVD
added 2013/05/08 12:9 p.m.22 views

CVE-2013-3502

monarchscan.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands, and consequently obtain sensitive information, by leveraging a JOSSO SSO cookie...

6.5CVSS6.9AI score0.53706EPSS
Exploits1References4
Prion
Prion
added 2013/05/08 12:9 p.m.10 views

Design/Logic Flaw

The Nagios-App component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to bypass intended access restrictions via a direct request for a 1 log file or 2 configuration file...

4CVSS6.7AI score0.01451EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2013/05/08 12:9 p.m.14 views

Authorization

The Cacti component in GroundWork Monitor Enterprise 6.7.0 does not properly perform authorization checks, which allows remote authenticated users to read or modify configuration settings via unspecified vectors, as demonstrated by reading credentials...

6.5CVSS6.7AI score0.01521EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2013/05/08 10:0 a.m.44 views

CVE-2013-3511

The connected documents confirm an open redirect vulnerability in the NeDi component of GroundWork Monitor Enterprise 6.7.0. Impact described as attackers redirecting users to arbitrary sites, enabling phishing via unspecified vectors. No concrete remediation steps or affected version details bey...

5.8CVSS6.9AI score0.01341EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2013/05/08 10:0 a.m.20 views

CVE-2013-3499

GroundWork Monitor Enterprise 6.7.0 performs authentication on the basis of the HTTP Referer header, which allows remote attackers to obtain administrative privileges or access files via a crafted header...

6.8AI score0.03211EPSS
Exploits0References4
Cvelist
Cvelist
added 2013/05/08 10:0 a.m.20 views

CVE-2013-3511

Open redirect vulnerability in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

6.7AI score0.01341EPSS
Exploits0References3
CVE
CVE
added 2013/05/08 10:0 a.m.43 views

CVE-2013-3506

GroundWork Monitor Enterprise 6.7.0 (Performance component: perfchart.cgi) is vulnerable to remote command execution via Server Side Includes (SSI). The flaw stems from not properly restricting XML content, allowing an attacker to craft a .shtml file and leverage SSI to run arbitrary commands. No...

7.5CVSS7.8AI score0.02505EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2013/05/08 10:0 a.m.50 views

CVE-2013-3508

The CVE-2013-3508 entry affects GroundWork Monitor Enterprise 6.7.0 (NeDi component). The vulnerability exists in html/System-Files.php within the System File Overview feature, allowing remote authenticated users to execute arbitrary commands via vectors involving file editing. Base score is 6.5 ...

6.5CVSS7.3AI score0.01969EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder