Lucene search
K

153 matches found

CNVD
CNVD
added 2017/09/26 12:0 a.m.12 views

Netsweeper Information Disclosure Vulnerability

Netsweeper is a Web content filtering solution from Netsweeper Canada. A security vulnerability exists in Netsweeper versions prior to 3.1.10, 4.0.x versions prior to 4.0.9, and 4.1.x versions prior to 4.1.2. A remote attacker could exploit the vulnerability to obtain sensitive information...

7.5CVSS7.5AI score0.02447EPSS
Exploits1References1
CNVD
CNVD
added 2017/09/26 12:0 a.m.4 views

Netsweeper Authentication Bypass Vulnerability

Netsweeper is a Web content filtering solution from Netsweeper Canada. A security vulnerability exists in Netsweeper versions prior to 3.1.10, 4.0.x prior to 4.0.9 and 4.1.x prior to 4.1.2. A remote attacker can exploit this vulnerability by sending the 'ip' parameter to the...

5.3CVSS5.6AI score0.03732EPSS
Exploits3References1
CNVD
CNVD
added 2017/09/26 12:0 a.m.4 views

Netsweeper Authentication Bypass Vulnerability (CNVD-2017-30729)

Netsweeper is a Canadian company Netsweeper's set of Web content filtering solutions.Client Filter Admin portal is one of the filter management program. A security vulnerability exists in the Client Filter Admin portal in Netsweeper versions prior to 3.1.10, 4.0.x versions prior to 4.0.9 and 4.1....

9.8CVSS9.6AI score0.73312EPSS
Exploits3References1
CNVD
CNVD
added 2017/09/26 12:0 a.m.9 views

Netsweeper Authentication Bypass Vulnerability (CNVD-2017-30727)

Netsweeper is a Web content filtering solution from Netsweeper Canada. A security vulnerability exists in versions of Netsweeper prior to 4.0.5. A remote attacker can exploit this vulnerability by sending a request to the webadmin/nslam/index.php file to bypass authentication and create arbitrary...

9.8CVSS9.7AI score0.1268EPSS
Exploits4References1
Prion
Prion
added 2017/09/19 3:29 p.m.17 views

Authentication flaw

The Client Filter Admin portal in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and subsequently create arbitrary profiles via a showdeny action to the default URL...

7.5CVSS7.5AI score0.73312EPSS
Exploits3References2Affected Software1
Prion
Prion
added 2017/09/19 3:29 p.m.20 views

Unrestricted file upload

Unrestricted file upload vulnerability in webadmin/ajaxfilemanager/ajaxfilemanager.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote authenticated users with admin privileges on the Cloud Manager web console to execute arbitrary PHP code by uploading a file...

6.5CVSS7.7AI score0.07352EPSS
Exploits3References2Affected Software1
NVD
NVD
added 2017/09/19 3:29 p.m.17 views

CVE-2014-9611

Netsweeper before 4.0.5 allows remote attackers to bypass authentication and create arbitrary accounts and policies via a request to webadmin/nslam/index.php...

9.8CVSS9.6AI score0.1268EPSS
Exploits4References2
NVD
NVD
added 2017/09/19 3:29 p.m.26 views

CVE-2014-9619

Unrestricted file upload vulnerability in webadmin/ajaxfilemanager/ajaxfilemanager.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote authenticated users with admin privileges on the Cloud Manager web console to execute arbitrary PHP code by uploading a file...

7.2CVSS7.2AI score0.07352EPSS
Exploits3References2
Prion
Prion
added 2017/09/19 3:29 p.m.15 views

Authentication flaw

Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and remove IP addresses from the quarantine via the ip parameter to webadmin/user/quarantinedisable.php...

5CVSS7.5AI score0.03732EPSS
Exploits3References2Affected Software1
NVD
NVD
added 2017/09/19 3:29 p.m.19 views

CVE-2014-9616

Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to obtain sensitive information by making a request that redirects to the deny page...

7.5CVSS7.4AI score0.02447EPSS
Exploits1References1
NVD
NVD
added 2017/09/19 3:29 p.m.17 views

CVE-2014-9618

The Client Filter Admin portal in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and subsequently create arbitrary profiles via a showdeny action to the default URL...

9.8CVSS9.5AI score0.73312EPSS
Exploits3References2
Prion
Prion
added 2017/09/19 3:29 p.m.13 views

Cross site request forgery (csrf)

Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to obtain sensitive information by making a request that redirects to the deny page...

5CVSS6.7AI score0.02447EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2017/09/19 3:29 p.m.14 views

CVE-2014-9610

Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and remove IP addresses from the quarantine via the ip parameter to webadmin/user/quarantinedisable.php...

5.3CVSS5.5AI score0.03732EPSS
Exploits3References2
Prion
Prion
added 2017/09/19 3:29 p.m.12 views

Authentication flaw

Netsweeper before 4.0.5 allows remote attackers to bypass authentication and create arbitrary accounts and policies via a request to webadmin/nslam/index.php...

7.5CVSS7.5AI score0.1268EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2017/09/19 3:0 p.m.21 views

CVE-2014-9616

Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to obtain sensitive information by making a request that redirects to the deny page...

7.4AI score0.02447EPSS
Exploits1References1
CVE
CVE
added 2017/09/19 3:0 p.m.52 views

CVE-2014-9619

CVE-2014-9619 affects Netsweeper Webadmin: unrestricted file upload via webadmin/ajaxfilemanager/ajaxfilemanager.php. An authenticated admin can upload a file with a double extension and, by requesting it from webadmin/deny/images/, execute arbitrary PHP code (e.g., secuid0.php.gif). Affected ver...

7.2CVSS7.3AI score0.07352EPSS
Exploits3References2Affected Software1
CVE
CVE
added 2017/09/19 3:0 p.m.59 views

CVE-2014-9611

CVE-2014-9611 affects Netsweeper prior to 4.0.5. An unauthenticated remote attacker can bypass authentication via the request to webadmin/nslam/index.php and can create arbitrary user accounts and policies. This is evidenced by the CNVD-2017-30727 entry and the corroborating exploit references no...

9.8CVSS9.5AI score0.1268EPSS
Exploits4References2Affected Software1
CVE
CVE
added 2017/09/19 3:0 p.m.58 views

CVE-2014-9616

CVE-2014-9616 affects Netsweeper versions prior to 3.1.10, 4.0.x prior to 4.0.9, and 4.1.x prior to 4.1.2. The issue allows remote attackers to obtain sensitive information by issuing a request that redirects to the deny page. Affected component/behavior is an information disclosure via misdirect...

7.5CVSS7.3AI score0.02447EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2017/09/19 3:0 p.m.18 views

CVE-2014-9611

Netsweeper before 4.0.5 allows remote attackers to bypass authentication and create arbitrary accounts and policies via a request to webadmin/nslam/index.php...

9.7AI score0.1268EPSS
Exploits4References2
Cvelist
Cvelist
added 2017/09/19 3:0 p.m.27 views

CVE-2014-9619

Unrestricted file upload vulnerability in webadmin/ajaxfilemanager/ajaxfilemanager.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote authenticated users with admin privileges on the Cloud Manager web console to execute arbitrary PHP code by uploading a file...

7.4AI score0.07352EPSS
Exploits3References2
Rows per page
Query Builder