Lucene search
K

7 matches found

NVD
NVD
added 2024/06/25 8:15 p.m.27 views

CVE-2024-4884

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold. The Apm.UI.Areas.APM.Controllers.CommunityController allows execution of commands with iisapppool\nmconsole privileges...

9.8CVSS0.24306EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/25 7:48 p.m.45 views

CVE-2024-4885 WhatsUp Gold GetFileWithoutZip Directory Traversal Remote Code Execution Vulnerability

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold. The WhatsUp.ExportUtilities.Export.GetFileWithoutZip allows execution of commands with iisapppool\nmconsole privileges...

9.8CVSS0.99288EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/06/25 7:46 p.m.30 views

CVE-2024-4884 WhatsUp Gold CommunityController Unrestricted File Upload Remote Code Execution Vulnerability

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold. The Apm.UI.Areas.APM.Controllers.CommunityController allows execution of commands with iisapppool\nmconsole privileges...

9.8CVSS0.24306EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/25 7:46 p.m.26 views

CVE-2024-4884 WhatsUp Gold CommunityController Unrestricted File Upload Remote Code Execution Vulnerability

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold. The Apm.UI.Areas.APM.Controllers.CommunityController allows execution of commands with iisapppool\nmconsole privileges...

9.8CVSS8AI score0.24306EPSS
Exploits0References2
CVE
CVE
added 2024/06/25 7:46 p.m.95 views

CVE-2024-4884

The CVE-2024-4884 family affects Progress WhatsUp Gold versions released before 2023.1.3, with unauthenticated remote code execution via the CommunityController (Apm.UI.Areas.APM.Controllers.CommunityController) and related paths (GetFileWithoutZip) that allow command execution with iisapppool\nm...

9.8CVSS10AI score0.24306EPSS
Exploits0References2Affected Software1
0day.today
0day.today
added 2021/10/01 12:0 a.m.448 views

WhatsUpGold 21.0.3 - Stored Cross-Site Scripting Vulnerability

Exploit Title: WhatsUpGold 21.0.3 - Stored Cross-Site Scripting XSS Exploit Author: Andreas Finstad 4ndr34z Vendor Homepage: https://www.whatsupgold.com Version: v.21.0.3, Build 188 Tested on: Windows 2019 Server CVE : CVE-2021-41318 Reference: https://f20.be/cves/poc-cve-2021-41318 Description:...

6.1CVSS6.4AI score0.05881EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/10/01 12:0 a.m.402 views

WhatsUpGold 21.0.3 Cross Site Scripting

Exploit Title: WhatsUpGold 21.0.3 - Stored Cross-Site Scripting XSS Date: 09.17.2021 Exploit Author: Andreas Finstad 4ndr34z Vendor Homepage: https://www.whatsupgold.com Version: v.21.0.3, Build 188 Tested on: Windows 2019 Server CVE : CVE-2021-41318 Reference:...

6.4AI score0.05881EPSS
Exploits4
Rows per page
Query Builder