38 matches found
CVE-2026-2737
A vulnerability exists in Progress Flowmon versions prior to 12.5.8 and 13.0.6, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...
CVE-2026-2737 Possibility of unintended actions when an administrator clicks a malicious link in the Progress Flowmon web application
A vulnerability exists in Progress Flowmon versions prior to 12.5.8 and 13.0.6, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...
CVE-2026-2737
A vulnerability exists in Progress Flowmon versions prior to 12.5.8 and 13.0.6, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...
CVE-2026-2737
CVE-2026-2737 affects Progress Flowmon before versions 12.5.8 and 13.0.6. An administrator who clicks a malicious link within an authenticated Flowmon web session may trigger unintended actions. The available sources describe the affected product versions and the login-session impact but do not s...
CVE-2026-3692
Progress Flowmon
CVE-2026-3692 Unintended command execution during report generation in Progress Flowmon
In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server...
PT-2026-29737
A vulnerability exists in Progress Flowmon versions prior to 12.5.8 and 13.0.6, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...
Progress Flowmon 跨站脚本漏洞
Progress Flowmon is a real-time network traffic monitoring tool developed by Progress Corporation. Versions of Progress Flowmon prior to 12.5.8 and 13.0.6 contained a cross-site scripting vulnerability. This vulnerability could lead to unexpected operations when administrators clicked on maliciou...
Progress Flowmon 操作系统命令注入漏洞
Progress Flowmon is a real-time network traffic monitoring tool developed by Progress Corporation. Versions of Progress Flowmon prior to 12.5.8 contained an operating system command injection vulnerability. This vulnerability stemmed from requests created by authenticated, low-privilege users...
CVE-2026-2513
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...
CVE-2026-2514 Possibility of unintended actions when viewing maliciously crafted network data in Progress Flowmon ADS web application
In Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, a vulnerability exists whereby an adversary with access to Flowmon monitoring ports may craft malicious network data that, when processed by Flowmon ADS and viewed by an authenticated user, could result in unintended actions being...
CVE-2026-2513
Progress Flowmon ADS vulnerable in versions prior to 12.5.5 and 13.0.3. An administrator who clicks a malicious link within an authenticated web session may trigger unintended actions, exposing high-severity risk (CVSS 8.6; Network vector, user interaction required). The advisory does not include...
CVE-2026-2513 Possibility of unintended actions when an administrator clicks a malicious link in the Progress Flowmon ADS web application
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...
CVE-2026-2513 Possibility of unintended actions when an administrator clicks a malicious link in the Progress Flowmon ADS web application
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...
CVE-2026-2513
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...
PT-2026-24948
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...
CVE-2025-13774
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability allows authenticated users to execute unintended SQL queries and commands...
CVE-2025-13774
Progress Flowmon ADS contains an SQL injection vulnerability in versions prior to 12.5.4 and prior to 13.0.1, exploitable by authenticated users to execute unintended SQL queries and commands. Multiple sources (NVD, Red Hat, CVE records, CNNVD, and other feeds) corroborate the issue and specify t...
CVE-2025-13774 SQL injection leading to privilege escalation in Progress Flowmon ADS
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability allows authenticated users to execute unintended SQL queries and commands...
CVE-2025-13774 SQL injection leading to privilege escalation in Progress Flowmon ADS
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability allows authenticated users to execute unintended SQL queries and commands...