CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2006-2353
https://notcve.org/view.php?id=CVE-2006-2353
NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to redirect users to other websites via the (1) sCancelURL and possibly (2) sRedirectUrl parameters. • http://secunia.com/advisories/20075 http://securityreason.com/securityalert/897 http://www.osvdb.org/25473 http://www.securityfocus.com/archive/1/433808 http://www.vupen.com/english/advisories/2006/1787 https://exchange.xforce.ibmcloud.com/vulnerabilities/26502 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 1CVE-2006-2354
https://notcve.org/view.php?id=CVE-2006-2354
NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium generates different error messages in a way that allows remote attackers to enumerate valid usernames. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. • http://secunia.com/advisories/20075 http://www.osvdb.org/25476 https://exchange.xforce.ibmcloud.com/vulnerabilities/26503 •