VYPR

Web UI

by Tenable

CVEs (4)

  • CVE-2019-5029Nov 13, 2019
    risk 0.10cvss epss 0.57

    An exploitable command injection vulnerability exists in the Config editor of the Exhibitor Web UI versions 1.0.9 to 1.7.1. Arbitrary shell commands surrounded by backticks or $() can be inserted into the editor and will be executed by the Exhibitor process when it launches…

  • CVE-2014-7280Oct 21, 2014
    risk 0.03cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in the Web UI before 2.3.4 Build #85 for Tenable Nessus 5.x allows remote web servers to inject arbitrary web script or HTML via the server header.

  • CVE-2024-11948Dec 11, 2024
    risk 0.00cvss epss 0.01

    GFI Archiver Telerik Web UI Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the…

  • CVE-2014-4980Jul 23, 2014
    risk 0.00cvss epss 0.02

    The /server/properties resource in Tenable Web UI before 2.3.5 for Nessus 5.2.3 through 5.2.7 allows remote attackers to obtain sensitive information via the token parameter.