CAGE Web Design | Rolf Van Gelder Security Vulnerabilities

Moodle Privilege escalation in quiz web services

In Moodle 3.x, quiz web services allow students to see quiz results when it is prohibited in the...

web-corpora.net Cross Site Scripting vulnerability OBB-3896470

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

RHEL 7 : web-admin-build (RHSA-2022:1628)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1628 advisory. Red Hat Gluster Storage Web Administration includes a fully automated setup based on Ansible and provides deep metrics and insights into active...

CVE-2023-1841 Honeywell MPA2 Web Application XSS vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Honeywell MPA2 Access Panel (Web server modules) allows XSS Using Invalid Characters.This issue affects MPA2 Access Panel all version prior to R1.00.08.05. Honeywell released firmware update...

CVE-2023-27564

The n8n package 0.218.0 for Node.js allows Information...

CVE-2023-27562

The n8n package 0.218.0 for Node.js allows Directory...

CVE-2023-1841 Honeywell MPA2 Web Application XSS vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Honeywell MPA2 Access Panel (Web server modules) allows XSS Using Invalid Characters.This issue affects MPA2 Access Panel all version prior to R1.00.08.05. Honeywell released firmware update...

(RHSA-2024:1917) Important: Red Hat JBoss Web Server 6.0.2 release and security update

Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This...

(RHSA-2024:1914) Important: Red Hat JBoss Web Server 5.8.0 release and security update

Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This...

(RHSA-2024:1913) Important: Red Hat JBoss Web Server 5.8.0 release and security update

Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This...

(RHSA-2024:1916) Important: Red Hat JBoss Web Server 6.0.2 release and security update

Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This...

Rancher < 2.2.4 Web Parameter Tampering

The version of a Docker container of Rancher is &lt; 2.2.4 and, thus, is affected by web parameter tampering vulnerability. A vulnerability exists in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols....

Fortinet FortiClient EMS Web Interface Detection

The web interface for Fortinet FortiClient EMS, an endpoint management solution, was detected on the remote...

Progress MOVEit Transfer Web Interface Detection

The web interface for Progress MOVEit Transfer (formerly known as Ipswitch MOVEit DMZ) was detected on the remote host. This plugin does not attempt to detect the...

Quest DR Series Appliance Web Detection

The web interface for a Quest DR Series disk backup appliance, formerly Dell DR Series, was detected on the remote...

Veritas NetBackup Appliance Web Console Detection

An administrative web console for Veritas NetBackup Appliance, a device for storage and backup applications, is running on the remote...

VMware Aria Operations Web UI Detection

The remote web server is running the web UI for VMWare Aria Operations (formerly VMware vRealize Operations Manager), a cloud operations management...

iniNet SpiderControl SCADA Web Server Detection

The remote host is running the iniNet SpiderControl Web Server, a component of a software platform for managing and monitoring remote SCADA...

Schneider Electric InduSoft Web Studio Detection

The remote host is running Schneider Electric InduSoft Web Studio, a software application for managing and monitoring remote SCADA...

Visualware MyConnection Server Web Default Credentials

The remote host is configured to accept the default credentials for Visualware MyConnection Server (MCS), a web-based network quality management application. A remote attacker can exploit this to gain administrative...

Advantech WebAccess Web Administration Interface Detection

The remote host is running a web interface for Advantech WebAccess, a web-based SCADA HMI...

NETGEAR Wireless-N Router Web Detection

A NETGEAR Wireless-N Router was detected on the remote host. It is possible to determine the device firmware version and model...

IBM Cognos Analytics Web Interface Detection

The web interface for IBM Cognos Analytics was detected on the remote...

Cisco EPN Manager Detection (Web UI)

The remote host is running Cisco Evolved Programmable Network (EPN) Manager, an application used for element and network management across converged access, aggregation, and core...

Johnson Controls exacqVision Web Service Detection

The Johnson Controls exacqVision Web Service, a web application allowing users to use a web browser to view live video, search and play back recorded video, and control pan/tilt/zoom functions on cameras connected to exacqVision servers, is running on the remote...

Hikvision IP Camera Web Interface Detection

Nessus was able to detect the web interface for a Hikvision IP camera on the remote...

Emerson SM-Ethernet Web Interface Detection

The remote host is running an Emerson SM-Ethernet web interface, part of a software platform for managing and monitoring remote SCADA...

IBM Storwize Web Management Interface Detection

The remote host is running a web management interface for administering an IBM Storwize device, a storage management...

Progress Kemp Flowmon Web Interface Detection

The web interface for Progress Kemp Flowmon was detected on the remote...

IBM Data Risk Manager Web Detection

The web interface for the IBM Data Risk Manager virtual appliance was detected on the remote...

HP PageWide Printer Web Interface Detection

The remote host is an HP PageWide printer. It is possible to obtain the product, firmware versions, and more via the web...

ShareFile Storage Zones Controller Web Detection

The web interface for Citrix ShareFile Storage Zones Controller was detected on the remote host. ShareFile is a secure content collaboration, file sharing and sync solution. Storage Zones Controller provides private data storage, either an on-premises network share that you manage or a supported...

Cisco Telepresence Management Suite Web Detection

This script uses Windows credentials to detect whether the remote host is running Cisco Telepresence Management Suite, a video conferencing application, and extracts the version number if...

NetApp SANtricity Web Services Proxy Detection

The remote host is running NetApp SANtricity Web Services Proxy, which provides a REST API for managing NetApp...

Western Digital MyCloud Web Interface Detection

Nessus was able to detect the web administration interface for a Western Digital MyCloud device on the remote...

Trend Micro OfficeScan Web Interface Detection

Trend Micro OfficeScan, an enterprise security platform, is running on the remote host. It is possible to extract version information if login credentials are...

Western Digital TV Web Interface Detection

Nessus was able to detect the web administration interface for a Western Digital TV device on the remote...

Cisco Security Manager Web Server Detection

Cisco Security Manager, a security management platform that helps enable policy enforcement, is running on the remote web...

IBM Rational ClearQuest Web Client Detection

IBM Rational ClearQuest Web Client, a web interface for change management software, was detected on the remote...

Fortinet FortiAuthenticator Appliance Web Interface Detection

The remote host is running the web interface for the Fortinet FortiAuthenticator appliance, an identity management...

Honeywell Excel (XL) Web Controller Detection

The remote host is a Honeywell Excel (XL) Web SCADA controller, a system for HVAC control applications and building automation...

Quantum vmPRO Web Administration Interface Detection

Nessus detected the wed administration interface for a Quantum vmPRO virtual appliance. Quantum vmPRO is a backup / data protection solution virtual...

McAfee Web Reporter Detection (remote check)

McAfee Web Reporter, a reporting tool used to identify internet usage in an organization, is installed on the remote...

McAfee Web Reporter Installed (credentialed check)

McAfee Web Reporter, a reporting tool used to identify Internet usage in an organization, is installed on the remote Windows...

Microsoft Azure CycleCloud Web Interface Detection

The web interface for Microsoft Azure CycleCloud was detected on the remote...

Microsoft Azure Service Fabric Web Detection

The web application or API for Azure Service Fabric, a container and microservices platform was detected on the remote...

SolarWinds Web Help Desk Installed (Windows)

SolarWinds Web Help Desk was detected on the remote Windows...

Cisco DNA Spaces Connector Web Detection.

The web user interface for Cisco DNA Spaces Connector was detected on the remote host. Note that HTTP form credentials are required to retrieve version...

Zebra ZTC Printer Web Interface Detection

The remote host is a Zebra...

HP DesignJet Printer Web Interface Detection

The web interface for HP DesignJet Printer was detected on the remote...