Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Whatsup Gold Security Vulnerabilities - 2023

cve
cve

CVE-2023-35759

In Progress WhatsUp Gold before 23.0.0, an SNMP-related application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS.

6.1CVSS

6.6AI Score

0.001EPSS

2023-06-23 08:15 PM
105
cve
cve

CVE-2023-6364

In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within a dashboard component. If a WhatsUp Gold user interacts with the crafted payload, the attacker wo...

7.6CVSS

5.1AI Score

0.0004EPSS

2023-12-14 04:15 PM
15
cve
cve

CVE-2023-6365

In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within a device group. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be ...

7.6CVSS

5AI Score

0.0004EPSS

2023-12-14 04:15 PM
17
cve
cve

CVE-2023-6366

In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Alert Center. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be ab...

7.6CVSS

5.1AI Score

0.0004EPSS

2023-12-14 04:15 PM
19
cve
cve

CVE-2023-6367

In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Roles. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to e...

7.6CVSS

5.1AI Score

0.0004EPSS

2023-12-14 04:15 PM
13
cve
cve

CVE-2023-6368

In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate information related to a registered device being monitored by WhatsUp Gold.

5.9CVSS

5.3AI Score

0.001EPSS

2023-12-14 04:15 PM
15
cve
cve

CVE-2023-6595

In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate ancillary credential information stored within WhatsUp Gold.

7.5CVSS

5.3AI Score

0.001EPSS

2023-12-14 04:15 PM
16