Page 2 of 8 results (0.003 seconds)

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged in user, which allows remote authenticated users to edit other users' account information via a modified user parameter. • http://marc.info/?l=bugtraq&m=110692897003614&w=2 http://securitytracker.com/id?1013038 http://www.securityfocus.com/bid/12395 •

CVSS: 3.5EPSS: 0%CPEs: 4EXPL: 2

Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter. • https://www.exploit-db.com/exploits/22542 https://www.exploit-db.com/exploits/22541 http://securityreason.com/securityalert/3286 http://www.securityfocus.com/archive/1/319735 http://www.securityfocus.com/bid/7438 http://www.securityfocus.com/bid/7439 https://exchange.xforce.ibmcloud.com/vulnerabilities/11874 https://exchange.xforce.ibmcloud.com/vulnerabilities/11875 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 36%CPEs: 1EXPL: 4

Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument. Desbordamiento de búfer en WebAdmin.exe de WebAdmin permite a atacantes remotos ejecutar código arbitrario mediante una petición HTTP al WebAdmin.dll con un argumento USER largo. • https://www.exploit-db.com/exploits/16776 https://www.exploit-db.com/exploits/1210 https://www.exploit-db.com/exploits/22833 https://www.exploit-db.com/exploits/22834 http://marc.info/?l=bugtraq&m=105647081418155&w=2 http://marc.info/?l=bugtraq&m=105648385900792&w=2 http://www.osvdb.org/2207 http://www.securityfocus.com/bid/8024 •