Lansweeper

Lansweeper

18 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2022-32763

Exploit
  • EPSS 0.86%
  • Veröffentlicht 15.12.2022 10:15:11
  • Zuletzt bearbeitet 21.11.2024 07:06:54

A cross-site scripting (xss) sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP ...

8.8

CVE-2022-32573

Exploit
  • EPSS 25.44%
  • Veröffentlicht 15.12.2022 10:15:11
  • Zuletzt bearbeitet 21.11.2024 07:06:39

A directory traversal vulnerability exists in the AssetActions.aspx addDoc functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulne...

8.8

CVE-2022-29517

Exploit
  • EPSS 46.22%
  • Veröffentlicht 15.12.2022 10:15:11
  • Zuletzt bearbeitet 21.11.2024 06:59:14

A directory traversal vulnerability exists in the HelpdeskActions.aspx edittemplate functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger t...

6.5

CVE-2022-29511

Exploit
  • EPSS 16.55%
  • Veröffentlicht 15.12.2022 10:15:11
  • Zuletzt bearbeitet 21.11.2024 06:59:13

A directory traversal vulnerability exists in the KnowledgebasePageActions.aspx ImportArticles functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to ...

5.4

CVE-2022-28703

Exploit
  • EPSS 3.89%
  • Veröffentlicht 15.12.2022 10:15:11
  • Zuletzt bearbeitet 21.11.2024 06:57:46

A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send ...

6.5

CVE-2022-27498

  • EPSS 48.38%
  • Veröffentlicht 15.12.2022 10:15:10
  • Zuletzt bearbeitet 21.11.2024 06:55:50

A directory traversal vulnerability exists in the TicketTemplateActions.aspx GetTemplateAttachment functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request...

8.8

CVE-2022-21210

Exploit
  • EPSS 10.52%
  • Veröffentlicht 14.04.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:44:07

An SQL injection vulnerability exists in the AssetActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

8.8

CVE-2022-22149

Exploit
  • EPSS 23.15%
  • Veröffentlicht 14.04.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:46:15

A SQL injection vulnerability exists in the HelpdeskEmailActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulner...

8.8

CVE-2022-21234

Exploit
  • EPSS 10.99%
  • Veröffentlicht 14.04.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:44:10

An SQL injection vulnerability exists in the EchoAssets.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.

4.8

CVE-2022-21145

Exploit
  • EPSS 6.61%
  • Veröffentlicht 14.04.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:43:59

A stored cross-site scripting vulnerability exists in the WebUserActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to t...